SUNNYVALE, Calif., Jan. 30 /PRNewswire-FirstCall/ -- Within hours of the identification of a flaw in version 5.12 of Nullsoft's Winamp media player, SonicWALL, Inc. (NASDAQ: SNWL) issued signatures, which actively protect users of its Internet threat prevention technology from the vulnerability. Defined as "extremely critical," the flaw could lead to unauthorized hackers taking control of a user's system.
SonicWALL's SonicALERT team first detected signs of the Winamp vulnerability during the morning of January 30 and within hours, wrote, tested and launched a response across all SonicWALL security appliances worldwide using the company's dynamic protection capabilities.
The current version of Winamp contains an error in its playlist parsing allowing malicious users to execute code via a prepared playlist. This bug can even be triggered through a website -- without user interaction -- by linking to a PLS file in an IFRAME tag. This triggers a buffer overflow, which if successful, would allow the malicious software to surreptitiously install spyware on a user's PC or allow a hacker to control the machine remotely.
SonicWALL, named the leader in Unified Threat Management (UTM) security appliances worldwide for the third consecutive quarter, according to IDC's Worldwide Q3 Security Appliance Tracker(1), delivers zero day gateway anti- virus and intrusion prevention signatures to its subscribers on a continual basis, to defend against new and existing Internet attacks and exploit.
Further information on EXPLOIT Nullsoft Winamp Player PLS File Handling Remote Buffer Overflow Attack is available at http://software.sonicwall.com/applications/ips/index.asp?ev=sig&sigid=3112 .
About SonicWALL, Inc.
Founded in 1991, SonicWALL, Inc. designs, develops and manufactures comprehensive network security, secure remote access, and continuous data protection solutions. Offering both appliance-based products as well as value-added subscription services, SonicWALL's comprehensive solutions enable organizations to secure deep protection without compromising network performance. SonicWALL is a recognized global leader in the small and medium business markets and its solutions are deployed in distributed enterprise environments, government, retail point-of-sale and healthcare segments as well as through service providers. SonicWALL, Inc. is headquartered in Sunnyvale, CA and trades on the NASDAQ exchange under the symbol SNWL. For more information, contact SonicWALL at +1-408-745-9600 or visit the company web site at http://www.sonicwall.com/ .
Safe Harbor Regarding Forward-Looking Statements
Certain statements in this press release are "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. The forward-looking statements include but are not limited to statements regarding our ability to protect users from the Nullsoft Winamp Player PLS File Handling Remote Buffer Overflow Attack exploit and our ability to launch day zero gateway anti-virus and intrusion prevention to users to defend against attacks. These forward-looking statements are based on the opinions and estimates of management at the time the statements are made and are subject to certain risks and uncertainties that could cause actual results to differ materially from those anticipated in the forward-looking statements. In addition, please see the "Risk Factors" described in our Securities and Exchange Commission filings, including our Annual Report on Form 10-K/A for the year ended December 31, 2004, and our reports on Form 10-Q for interim periods thereafter, for a more detailed description of the risks facing our business. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement. All forward-looking statements included in this release are based upon information available to SonicWALL as of the date of the release, and we assume no obligation to update any such forward-looking statement.
(1)"Source: IDC WW Quarterly Security Appliance Tracker, Q3, December 2005"
NOTE: SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
FCMN Contact: slondon@hoffman.com
SOURCE: SonicWALL, Inc.
CONTACT: Mary McEvoy of SonicWALL, Inc., +1-408-962-7110, or
mmcevoy@sonicwall.com; or Sarah London of The Hoffman Agency, +1-408-975-3034,
or slondon@hoffman.com, for SonicWALL, Inc.
Web site: http://www.sonicwall.com/
