For those who are still booting into Microsoft Windows, a new version (0.60) of our F-Secure Exploit Shield Beta is now available.
You may also remember that Microsoft patched MS08-078 around the same time. Multiple versions of Internet Explorer were affected on multiple versions of the Windows OS and exploit code was circulating at the time. Exploit Shield 0.5 was able to proactively protect against those exploits.
Exploit Shield is designed to shield Web browsers between the development of an exploit and the release of the vendor’s patch.
To sum up, Exploit Shield provides:
- Zero Day Defense: Protects unpatched machines.
- Patch-Equivalent Protection: Vulnerability “shield” updates.
- Proactive Measures: Heuristic detection techniques.
- Protects Against All Websites: Regardless if untrusted or trusted and malicious or hacked.
- Automatic Feedback: detected exploit attempts are automatically reported to F-Secure.
Here’s the main menu:
Version 0.60 now includes 32-bit Vista support, includes more vulnerability coverage and also includes engine improvements.
Look for the download link from: www.f-secure.com/labs.
If you want or need a reason to test Exploit Shield, consider this month’s Microsoft Updates. There were two vulnerabilities in Internet Explorer 7 for Windows XP and Windows Vista that were patched last week…
Firefox isn’t completely immune either, see Mozilla’s Security Center for details on recent vulnerability patches.
[source: F-Secure Weblog]
P/S: Version 0.5 users will now see a prompt that their installation has expired. The database channel is now closed, but the existing shields and the proactive protections remain.
*** [updated on 22/2/2009] ***
F-Secure Exploit Shield proactively protected against MS09-002 (a vulnerability in Internet Explorer 7) without the need for a shield update.