FireEye

MENLO PARK, Calif.—August 11, 2006— FireEye, Inc., a pioneer in Network Access Control (NAC) technology, today announced that its flagship FireEye 4200 NAC appliance provides plug-and-protect defense for its customer's network systems that are susceptible to the latest "critical" Microsoft Windows vulnerabilities. FireEye's solution does not require patches or updates to protect against the vulnerability (described in Microsoft Security Bulletin MS06-040) that could be used in a widespread worm attack.

The vulnerability affects Windows Server services which are generally enabled by default on Windows systems, and are used for common network applications like file sharing and printing. According to the Department of Homeland Security (DHS), it has the potential to impact government systems, private industry and critical infrastructure, as well as individual home users and infect millions of computers for the purposes of sending spam, stealing credit card numbers, or other malicious activities. An attacker who successfully exploits the vulnerability could take complete control of an affected system and cause damage by installing programs; view, change, or delete data; or by creating new accounts with full user rights.

"Its important to follow the patch guidelines recommended by the vendors; however, vendor deployed patches after the fact can often come too late. This recent vulnerability is a perfect example where focusing on the infection, not policy compliance, is critical," said Ashar Aziz, founder and CEO of FireEye, Inc.

The FireEye 4200 NAC solution is equipped with the FireEye Attack Confirmation Technology (FACT) engine, which uses patent-pending virtualization technology to assess suspect machine network traffic and then provides conclusive attack confirmation prior to taking any quarantine actions or denying access to the network, thus eliminating the need to resolve false positives. Once a machine has been deemed infected with worms, network-borne malware, or zero-day attacks, it is immediately quarantined, protecting internal network resources from the damage of a serious attack.

Although FireEye's customers are already protected, the company recommends that in addition to the Microsoft patch, enterprise organizations put a system in place that can block threats like this from infecting and damaging the network.

About FireEye, Inc.

FireEye, Inc. is the leader in anti-botnet protection, enabling organizations to protect critical intellectual property, computing resources, and network infrastructure against bot infiltration. Today's most damaging attacks originate from and through highly organized botnets, or networks of remotely controlled, compromised machines. FireEye delivers a complete solution that is designed from the ground up to detect and protect organizations from botnets through global and local intelligence and analysis. The company is backed by Sequoia Capital, Norwest Venture Partners, and JAFCO. For more information, contact (408) 321-6300 or email: .