MCAFEE PROTECTS MS05-039 AGAINST EXPLOIT CODE.

McAfee, Inc., (NYSE:MFE), Santa Clara, Calif., the leader in Intrusion Prevention and Security Risk Management, has announced that its market-leading system and network protection solutions, including McAfee IntruShield(R), McAfee Entercept(R), McAfee VirusScan(R) Enterprise 8.0i and McAfee Managed VirusScan(R), provide proactive, zero-day protection against a recent wave of threats that have been working to exploit a hole in the plug-and-play feature in the Windows operating system.

The vulnerability, termed MS05-039, was announced by Microsoft on Tuesday, August 9, 2005, and within a five day window the vulnerability had been targeted by virus writers that produced multiple variants of the ever expanding SDBot family, as well as a new family now known as Zotob. To read more about these threats, visit http://vil.nai.com/vil/newly-discovered-viruses.asp. McAfee solutions were able to proactively protect McAfee's small to large business customers prior to the release of the exploit code and without updates, thereby helping to identify and block the attacks before they could cause damage to systems and networks.

"The recent exploits targeting the MS05-039 vulnerability appear to be one of the shortest vulnerability-to-worm windows we've seen, even shorter than the Sasser worm, which took approximately two weeks to exploit the LSASS vulnerability," said John Vecchi, senior product marketing manager, McAfee Inc. "McAfee's ability to provide zero-day, out-of-the box protection before the exploit code was discovered, clearly demonstrates the company's commitment to staying ahead of both known and unknown threats and continually keeping our customers' systems and networks secure."

While the recent slew of threats that started last Friday have been identified as low-risk threats by McAfee, Inc., the threats can still cause harm to organizations that don't have proactive protection in place or who haven't downloaded the recent Microsoft patch. McAfee solutions, which provide protection against both known and unknown threats, were able to protect users prior to the discovery of the exploit code, demonstrating their ability to proactively protect against new exploit techniques.

McAfee Entercept, which provides host-based intrusion prevention, mitigates the threat of the worms by offering zero-day protection without the need for product updates. This "out of the box" capability reduces the time associated with patching against the vulnerabilities and allows business users to ensure critical system security and uptime. In addition, McAfee IntruShield's network intrusion prevention appliances provide preemptive zero- day protection against the latest Microsoft exploits. As a result, IntruShield customers were proactively protected against these new threats without signature updates. IntruShield's proactive protection is delivered through its patented shell code detection technology, which was paramount to the product's ability to also provide zero-day protection against the new exploit techniques last month that targeted Cisco IOS-based routers.

Additionally, both McAfee VirusScan Enterprise 8.0i, the industry's first anti-virus software product to integrate elements of intrusion prevention and firewall technology into a single security agent, and McAfee Managed VirusScan, an affordable Web-based solution that provides always on, automatic virus protection for smaller businesses, provide customers with proactive protection against attacks targeting the buffer overflow vulnerabilities reported in the MS05-039 vulnerability.

McAfee stresses the need for a comprehensive enterprise security strategy that incorporates good security practices with multi-layered network and system security solutions that work together to proactively block attacks. Only McAfee provides a comprehensive portfolio of best-of-breed system and network security solutions that enable companies of all sizes to proactively block malicious attacks, prevent disruptions, and continuously track and improve their security posture.

All McAfee products are backed by the company's top-ranked anti-virus and vulnerability research organization, McAfee AVERT, whose global researchers combine research expertise from McAfee IntruShield, McAfee Entercept and McAfee Foundstone(R) organizations to protect customers on a 24x7 basis. McAfee AVERT protects customers by providing analysis and core technologies that are developed through the combined efforts of McAfee AVERT researchers and McAfee AVERT AutoImmune technology, which applies advanced heuristics, generic detection with repair, and ActiveDAT technology to deliver those technologies for previously undiscovered viruses.

About McAfee, Inc.

McAfee Inc., headquartered in Santa Clara, California and the global leader in Intrusion Prevention and Security Risk Management, delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector, and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security.

For more information, visit http://www.mcafee.com or call 408/346-5965.