News in Brief

Windows kernel advisory; remote office firewall; multi-biometric accesscontrol

Buffer Overrun in Windows Kernel

Microsoft released an “important” security advisory that a flaw in how the Windows kernel—the core of the operating system—handles messages could lead to a buffer overflow, giving an attacker elevated privileges. Caveats are that the attacker would have to log on interactively—such as with administrator privileges—to the server to introduce the code needed to make the attack. A successful attack would allow someone to take any action on the system, including deleting data, adding accounts with administrative access, or reconfiguring the system.

The patch is available at

Enterasys Releases New Remote Office Firewall Features

Enterasys released new security and management features for its XSR-1800 family of routers, which address the security needs of remote offices by incorporating a range of IP router features, WAN interfaces, remote access, and site-to-site Virtual Private Networking.

New features include enterprise-strength firewall features such as stateful packet inspection, application-level gateways, smart-service filtering and blocking, and denial-of-service attack protection. Stateful inspection is implemented in the kernel.

For more information:

First Multi-Biometric Access Control Software

Advanced Biometric Security (ABS), an enterprise biometric security software vendor, released AccessPoint, a multi-biometric physical access control product to integrate any combination of biometric technologies—face, hand, iris, finger, voice—with smart cards and PIN and card systems.

The software provides a single interface for different biometric technologies, using APIs where necessary to unify information sharing across different biometric products. Unifying them would otherwise be a time- and cost-intensive process.

The software allows for single enrollment of users across a range of biometric technologies. It also features logging and audit tracking and centralized administration, and integrates other with applications via standards including TCP/IP, HTTP/HTTPS, XML, and SOAP.

For more information, visit

About the Author

Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.