Qualys Vulnerability R&D Lab has released new vulnerability checks in the Qualys Cloud Platform to protect organizations against 21 vulnerabilities that were fixed in 8 bulletins announced today by Microsoft. Customers can immediately audit their networks for these and other new vulnerabilities by accessing their Qualys subscription. Visit Qualys Security Blog to prioritize remediation.
Non-Qualys customers can audit their network for these and other vulnerabilities by signing up for a Qualys Free Trial, or by trying Qualys Community Edition.
Microsoft has released 8 security bulletins to fix newly discovered flaws in their software. Qualys has released the following checks for these new vulnerabilities:
A remote code execution vulnerability exists in the way Microsoft DirectShow handles supported format files. An error occurs when decompressing MJPEG content. This vulnerability could allow code execution if a user opens a specially crafted MJPEG file. (CVE-2009-0084)
Microsoft has released a security update to address the vulnerability by correcting the way that DirectShow decompresses media files.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
April 2009 Security Updates Are Now Available On the ECE (KB961373)
Steps to disable decoding of MJPEG content using the Interactive Method:
1. Click Start, click Run, type Regedit in the Open box, and then click OK.
2. Locate and then click the following registry subkey: HKEY_CLASSES_ROOT\CLSID\{301056D0-6DFF-11D2-9EEB-006008039E37}
3. Click the File menu and select Export.
4. In the Export Registry File dialog box, enter MJPEG_Decoder_Backup.reg and click Save.
5. Press the Delete key on the keyboard to delete the registry key. When prompted to delete the registry key via the Confirm Key Delete dialog box, click Yes.
Steps to disable decoding of MJPEG content using a Managed Deployment Script:
1. Create a backup copy of the registry keys by using a managed deployment script that contains the following commands:
Regedit.exe /e MJPEG_Decoder_Backup.reg HKEY_CLASSES_ROOT\CLSID\{301056D0-6DFF-11D2-9EEB-006008039E37}
2. Next, save the following to a file with a .REG extension, such as Disable_MJPEG_Decoder.reg:
Windows Registry Editor Version 5.00
[-HKEY_CLASSES_ROOT\CLSID\{301056D0-6DFF-11D2-9EEB-006008039E37}]
3. Run the above registry script on the target machine with the following command from an elevated command prompt:
Regedit.exe /s Disable_MJPEG_Decoder.reg
Impact of the workaround: MJPEG content playback will be disabled.
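The managed-deployment steps above, written as an added PowerShell example (not code from Qualys or from the Microsoft bulletin) that refuses to delete the key until a non-empty backup exists and can roll the change back. The function names and the default backup location are assumptions of this example.

```powershell
# Added example: apply, verify and roll back the MJPEG decoder workaround.
# Function names and the default backup path are assumptions of this example.
$MjpegKey   = 'HKEY_CLASSES_ROOT\CLSID\{301056D0-6DFF-11D2-9EEB-006008039E37}'
$MjpegKeyPs = "Registry::$MjpegKey"   # provider-qualified form for PowerShell cmdlets

function Test-Elevated {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

# True while the decoder key is still present (workaround not applied).
function Test-MjpegDecoderRegistered {
    Test-Path -LiteralPath $MjpegKeyPs
}

function Disable-MjpegDecoder {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([string]$BackupFile = (Join-Path $PWD.Path 'MJPEG_Decoder_Backup.reg'))

    if (-not (Test-Elevated)) { throw 'Run this from an elevated prompt.' }

    # Already applied: stop here so a backup taken on an earlier run is never replaced.
    if (-not (Test-MjpegDecoderRegistered)) {
        Write-Verbose 'Key already absent; nothing to do.'
        return $false
    }
    if (Test-Path -LiteralPath $BackupFile) {
        throw "Backup file already exists, refusing to overwrite: $BackupFile"
    }

    if ($PSCmdlet.ShouldProcess($MjpegKey, 'Export to backup and delete')) {
        # Same export the page performs with Regedit.exe /e
        Start-Process -FilePath regedit.exe -Wait `
            -ArgumentList '/e', "`"$BackupFile`"", "`"$MjpegKey`""

        # Delete only after confirming the backup was really written.
        $backup = Get-Item -LiteralPath $BackupFile -ErrorAction SilentlyContinue
        if (-not $backup -or $backup.Length -eq 0) {
            throw 'Backup was not written; registry key left in place.'
        }

        Remove-Item -LiteralPath $MjpegKeyPs -Recurse -Force
        if (Test-MjpegDecoderRegistered) { throw 'Key is still present after delete.' }
        return $true
    }
    return $false
}

function Restore-MjpegDecoder {
    param([Parameter(Mandatory = $true)][string]$BackupFile)

    if (-not (Test-Elevated)) { throw 'Run this from an elevated prompt.' }
    if (-not (Test-Path -LiteralPath $BackupFile)) {
        throw "Backup file not found: $BackupFile"
    }
    # Silent import of the exported key, as Regedit.exe /s does for the .REG file above.
    Start-Process -FilePath regedit.exe -Wait -ArgumentList '/s', "`"$BackupFile`""
    Test-MjpegDecoderRegistered   # True once the key is back
}
```

Run `Disable-MjpegDecoder -WhatIf` first to see what would change; after the MS09-011 update is installed, `Restore-MjpegDecoder` with the same backup file re-enables MJPEG playback.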
Workaround B:
- Unregister quartz.dll using the following command from an elevated command prompt:
For 32-bit Windows systems: Regsvr32.exe -u %WINDIR%\system32\quartz.dll
For 64-bit Windows systems: Regsvr32.exe -u %WINDIR%\syswow64\quartz.dll
Impact of the workaround: Windows Media Player will not be able to play ".AVI" or ".WAV" files.
For additional details on applying the workarounds, please refer to Microsoft Security Bulletin MS09-011.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Windows 2000 Service Pack 4 (DirectX 8.1)
Microsoft Windows 2000 Service Pack 4 (DirectX 9.0)
Windows XP Service Pack 2 and Windows XP Service Pack 3 (DirectX 9.0)
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (DirectX 9.0)
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (DirectX 9.0)
Refer to Microsoft Security Bulletin MS09-011 for further details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS09-011 Microsoft Windows 2000 Service Pack 4 (DirectX 8.1)
MS09-011 Microsoft Windows 2000 Service Pack 4 (DirectX 9.0)
MS09-011 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (DirectX 9.0)
MS09-011 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems (DirectX 9.0)
MS09-011 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (DirectX 9.0)
MS09-011 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (DirectX 9.0)
MS09-011 Windows XP Service Pack 2 and Windows XP Service Pack 3 (DirectX 9.0)
Multiple vulnerabilities listed below have been identified in WordPad and Office Text Converters:
- A memory corruption vulnerability in WordPad and Office Text Converter exists in the way the applications process memory when a user opens a specially crafted Word 6 file that includes malformed data. A remote attacker can exploit this flaw to execute arbitrary code. (CVE-2009-0087)
- A stack-based buffer overflow vulnerability exists when parsing a specially crafted Word 97 document. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed list structure. (CVE-2008-4841)
- A stack corruption vulnerability in Word 2000 WordPerfect 6.x Converter exists in the way that the converter processes memory when parsing a specially crafted WordPerfect document. (CVE-2009-0088)
- A stack-based buffer overflow vulnerability exists in WordPad as a result of memory corruption when a user opens a specially crafted Word file. This can be exploited by a remote attacker to execute arbitrary code. (CVE-2009-0235)
Microsoft has released a security update to address these vulnerabilities by modifying the way that Microsoft Office Word and Office text converters handle opening specially crafted Word 6.0, Windows Write, and WordPerfect documents. It also addresses the vulnerabilities by implementing fixes to WordPad and by preventing WordPad on affected platforms from opening Word 6.0 and Windows Write files.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
April 2009 Security Updates Are Now Available On the ECE (KB960477, 923561)
2) Disable the Word 6 converter by restricting access by applying an access control list to affected converters to ensure that the converter is no longer loaded by WordPad and Office.
Impact of the workaround: Conversion of Word 6 documents to WordPad RTF or Word 2003 documents will no longer work.
3) Disable the Office text converter by restricting access by applying an access list to the affected converter to ensure it is no longer loaded by Microsoft Office Word.
Impact of the workaround: Microsoft Office Word will no longer load WordPerfect documents.
Detailed information on applying access lists to disable Word 6 and Office text converter can be found in Microsoft Security Bulletin MS09-010.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Microsoft Office 2000 Service Pack 3 (Microsoft Office Word 2000 Service Pack 3)
Microsoft Office XP Service Pack 3 (Microsoft Office Word 2002 Service Pack 3)
Microsoft Office Converter Pack
Refer to Microsoft Security Bulletin MS09-010 for further details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS09-010 Microsoft Office 2000 Service Pack 3 (Microsoft Office Word 2000 Service Pack 3)
MS09-010 Microsoft Office Converter Pack
MS09-010 Microsoft Office XP Service Pack 3 (Microsoft Office Word 2002 Service Pack 3)
MS09-010 Microsoft Windows 2000 Service Pack 4
MS09-010 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
MS09-010 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
MS09-010 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
MS09-010 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
MS09-010 Windows XP Service Pack 2 and Windows XP Service Pack 3
The following vulnerabilities affecting MSDTC and WMI have been identified:
- An elevation of privilege vulnerability exists due to the MSDTC facility allowing the NetworkService token to be obtained and used when making an RPC call. This can be exploited by a process having the SeImpersonatePrivilege to run arbitrary code with NetworkService privileges. (CVE-2008-1436)
- The WMI provider improperly isolates processes running under the NetworkService or LocalService accounts. This can be exploited to run arbitrary code with LocalSystem privileges by obtaining a SYSTEM token. (CVE-2009-0078)
- The RPCSS service improperly isolates processes running under the NetworkService or LocalService accounts. This can be exploited to execute arbitrary code with LocalSystem privileges. (CVE-2009-0079)
- A vulnerability exists due to Windows placing incorrect access control lists (ACLs) on threads in the current ThreadPool. An attacker who successfully exploits this vulnerability could execute arbitrary code with LocalSystem privileges. (CVE-2009-0080)
Microsoft has released a security update to address these vulnerabilities by correcting the way that Windows addresses tokens requested by the Microsoft Distributed Transaction Coordinator (MSDTC), and by properly isolating WMI providers and processes that run under the NetworkService or LocalService accounts.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
April 2009 Security Updates Are Now Available On the ECE (KB959454, 952004, 956572)
MSDTC Transaction Facility:
Microsoft Windows 2000 Service Pack 4
MSDTC Transaction Facility:
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows Service Isolation:
Windows XP Service Pack 2
Windows Service Isolation:
Windows XP Service Pack 3
MSDTC Transaction Facility:
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Service Isolation:
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
MSDTC Transaction Facility:
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Service Isolation:
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
MSDTC Transaction Facility:
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Service Isolation:
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
MSDTC Transaction Facility:
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Windows Service Isolation:
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS09-012.
Workaround:
1) IIS 6.0: Configure a Worker Process Identity (WPI) for an application pool in IIS to use a created account in IIS Manager and disable MSDTC.
2) IIS 7.0: Specify a WPI for an application pool in IIS Manager.
3) IIS 7.0: Specify a WPI for an application pool using the Command Line utility APPCMD.exe.
Detailed information on applying the workarounds is available at Microsoft Security Bulletin MS09-012.
Impact of the workarounds: Management of additional user accounts results in increased administrative overhead. Application functionality may be affected depending on the nature of applications running. Disabling MSDTC will prevent applications from using distributed transactions and will prevent configuration as well as running of COM+ applications.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS09-012 Microsoft Windows 2000 Service Pack 4 (MSDTC Transaction Facility)
MS09-012 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (MSDTC Transaction Facility)
MS09-012 Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (Windows Service Isolation)
MS09-012 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems (MSDTC Transaction Facility)
MS09-012 Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems (Windows Service Isolation)
MS09-012 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (MSDTC Transaction Facility)
MS09-012 Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2 (Windows Service Isolation)
MS09-012 Windows Server 2008 for 32-bit Systems (MSDTC Transaction Facility)
MS09-012 Windows Server 2008 for 32-bit Systems (Windows Service Isolation)
MS09-012 Windows Server 2008 for Itanium-based Systems (MSDTC Transaction Facility)
MS09-012 Windows Server 2008 for Itanium-based Systems (Windows Service Isolation)
MS09-012 Windows Server 2008 for x64-based Systems (MSDTC Transaction Facility)
MS09-012 Windows Server 2008 for x64-based Systems (Windows Service Isolation)
MS09-012 Windows Vista (Windows Service Isolation)
MS09-012 Windows Vista Service Pack 1 (Windows Service Isolation)
MS09-012 Windows Vista and Windows Vista Service Pack 1 (MSDTC Transaction Facility)
MS09-012 Windows Vista x64 Edition (Windows Service Isolation)
MS09-012 Windows Vista x64 Edition Service Pack 1 (Windows Service Isolation)
MS09-012 Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1 (MSDTC Transaction Facility)
MS09-012 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (MSDTC Transaction Facility)
MS09-012 Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 (Windows Service Isolation)
MS09-012 Windows XP Service Pack 2 (Windows Service Isolation)
MS09-012 Windows XP Service Pack 2 and Windows XP Service Pack 3 (MSDTC Transaction Facility)
MS09-012 Windows XP Service Pack 3 (Windows Service Isolation)
Windows HTTP Services is prone to the following vulnerabilities:
- A remote code execution vulnerability exists in the way that Windows HTTP Services handles specific values that are returned by a remote Web server. (CVE-2009-0086)
- A spoofing vulnerability exists in Windows HTTP Services as a result of the incomplete validation of the distinguished name in a digital certificate. When combined with specific other attacks, such as DNS spoofing, this may allow an attacker to successfully spoof the digital certificate of a Web site for any application that uses Windows HTTP Services. (CVE-2009-0089)
- A remote code execution vulnerability exists in the way that Windows HTTP Services handles NTLM credentials when a user connects to an attacker's Web server. (CVE-2009-0550)
Microsoft has released a security update that addresses these vulnerabilities by changing the way that Windows HTTP Services handles errors and validates certificates, and by ensuring that Windows HTTP Services correctly uses NTLM credential reflection protection mechanisms.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
April 2009 Security Updates Are Now Available On the ECE (KB960803)
Successful exploitation also allows an attacker to impersonate a secure Web site and offer malicious content to the application using Windows HTTP Services, which would trust it as if it originated from a secure Web site.
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Vista and Windows Vista Service Pack 1
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 for Itanium-based Systems
Refer to Microsoft Security Bulletin MS09-013 for further details.
- A blended threat remote code execution vulnerability exists in the way that Internet Explorer locates and opens files on the system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. Internet Explorer could open a specially crafted file from the desktop, allowing files to be downloaded to the system without prompting. (CVE-2008-2540)
- WinINet does not correctly opt in to NTLM credential-reflection protections when a user connects to an attacker's server by way of the HTTP protocol. This vulnerability allows an attacker to replay the user's credentials back to the attacker and to execute code in the context of the logged-on user. (CVE-2009-0550)
- A memory corruption vulnerability exists in the way Internet Explorer handles transition when navigating between Web pages. As a result, system memory may be corrupted in such a way that an attacker could execute arbitrary code if a user visited a specially crafted Web site. (CVE-2009-0551)
- Multiple remote code execution vulnerabilities exist in the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker can exploit this issue by constructing a specially crafted Web page. When Internet Explorer attempts to access an object that has not been initialized or has been deleted, it triggers memory corruption allowing arbitrary execution of code. (CVE-2009-0552, CVE-2009-0553, CVE-2009-0554)
Microsoft has released a security update to address these vulnerabilities by modifying the way that Internet Explorer searches the system for files to load, performs authentication reply validation, handles transition errors when navigating between Web pages, and handles memory objects.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
April 2009 Security Updates Are Now Available On the ECE (KB963027)
Microsoft Windows 2000 Service Pack 4 (Microsoft Internet Explorer 5.01 Service Pack 4)
Microsoft Windows 2000 Service Pack 4 (Microsoft Internet Explorer 6 Service Pack 1)
Windows XP Service Pack 2 and Windows XP Service Pack 3 (Microsoft Internet Explorer 6)
Windows XP Service Pack 2 and Windows XP Service Pack 3 (Windows Internet Explorer 7)
For a complete list of patch download links, please refer to Microsoft Security Bulletin MS09-014.
Workaround:
CVE-2009-0551, CVE-2009-0552, CVE-2009-0553, CVE-2009-0554:
- Set Internet and Local intranet security zone settings to "High" to prompt before running ActiveX Controls and Active Scripting
- Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
Detailed steps on applying the workarounds can be found in Microsoft Security Bulletin MS09-014.
Impact of the Workaround -
On visiting Web sites on the Internet or Intranet that use ActiveX or Active Scripting to provide additional functionality, you will be prompted frequently when you enable this workaround.
Microsoft has released a security update that addresses the vulnerability by modifying the way that Windows loads files from the desktop.
Windows XP Embedded Systems:- For additional information regarding security updates for embedded systems, refer to the following MSDN blog(s):
April 2009 Security Updates Are Now Available On the ECE (KB959426)
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Vista and Windows Vista Service Pack 1
Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for x64-based Systems
Windows Server 2008 for Itanium-based Systems
Refer to Microsoft Security Bulletin MS09-015 for further details.
- A denial of service vulnerability exists in the way the firewall engine handles TCP state for Web proxy or Web publishing listeners. It can allow a remote user to send specially crafted network packets to the affected system and cause a Web listener to stop responding to new requests. (CVE-2009-0077)
- A cross-site scripting (XSS) vulnerability exists in the HTML forms authentication component in ISA Server or Forefront TMG, "cookieauth.dll", due to improper input validation of the HTTP stream. This could allow malicious script code to run on the machine of another user under the guise of the server running "cookieauth.dll". (CVE-2009-0237)
Microsoft has released a security update to address these vulnerabilities by modifying the way that the firewall engine handles the TCP state and the way that HTTP forms authentication handles input.
CVE-2009-0237: Successful exploitation of this vulnerability could allow injection of arbitrary script in the user's browser. This can lead to spoofing and information disclosure.
Microsoft Forefront Threat Management Gateway, Medium Business Edition
Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3
Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3
Microsoft Internet Security and Acceleration Server 2006
Microsoft Internet Security and Acceleration Server 2006 Supportability Update
Microsoft Internet Security and Acceleration Server 2006 Service Pack 1
Refer to Microsoft Security Bulletin MS09-016 for further details.
The following vulnerabilities exist in Microsoft Office Excel:
- A remote code execution vulnerability exists in the way the application parses the Excel spreadsheet file format. A remote attacker can exploit this flaw by enticing an unsuspecting user into opening a specially crafted spreadsheet to cause arbitrary execution of code. (CVE-2009-0100)
- A security vulnerability that could allow remote code execution exists in Excel if a user opens a specially crafted Excel file that includes a malformed object. (CVE-2009-0238)
Impact of the workaround:
Office 2003 and earlier formatted documents that are converted to the 2007 Microsoft Office System Open XML format by MOICE lose their macro functionality. Documents protected with passwords and Digital Rights Management cannot be converted.
2) Microsoft Office File Block policy should be used to block the opening of Office 2003 and earlier documents from unknown or untrusted sources. The following registry scripts can be used to set the File Block policy.
For Office 2003:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileOpenBlock]
"BinaryFiles"=dword:00000001
For 2007 Office system:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Security\FileOpenBlock]
"BinaryFiles"=dword:00000001
Impact of the workaround:
If File Block policy is configured without special "exempt directory" configuration (see KB922848), Office 2003 files or earlier versions will not open in Office 2003 or 2007 Microsoft Office System.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Office 2000 Service Pack 3 (Microsoft Office Excel 2000 Service Pack 3)
Microsoft Office XP Service Pack 3 (Microsoft Office Excel 2002 Service Pack 3)
Microsoft Office 2003 Service Pack 3 (Microsoft Office Excel 2003 Service Pack 3)
2007 Microsoft Office System Service Pack 1 (Microsoft Office Excel 2007 Service Pack 1)
Microsoft Office Excel Viewer 2003 Service Pack 3
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Refer to Microsoft Security Bulletin MS09-009 for further details.
Patches:
The following are links for downloading patches to fix these vulnerabilities:
MS09-009 2007 Microsoft Office System Service Pack 1 (Microsoft Office Excel 2007 Service Pack 1)
MS09-009 Microsoft Office 2000 Service Pack 3 (Microsoft Office Excel 2000 Service Pack 3)
MS09-009 Microsoft Office 2003 Service Pack 3 (Microsoft Office Excel 2003 Service Pack 3)
MS09-009 Microsoft Office 2004 for Mac
MS09-009 Microsoft Office 2008 for Mac
MS09-009 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
MS09-009 Microsoft Office Excel Viewer
MS09-009 Microsoft Office Excel Viewer 2003 Service Pack 3
MS09-009 Microsoft Office XP Service Pack 3 (Microsoft Office Excel 2002 Service Pack 3)
These new vulnerability checks are included in Qualys vulnerability signature 1.22.184-3. Each Qualys account is automatically updated with the latest vulnerability signatures as they become available. To view the vulnerability signature version in your account, from the Qualys Help menu, select the About tab.
To perform a selective vulnerability scan, configure a scan profile to use the following options:
In addition, prior to running a scan for these new vulnerabilities, you can estimate your exposure to these new threats by running the Risk Analysis Report, available from the Qualys Vulnerability Management Reports tab.
For more information, customers may contact Qualys Technical Support.
The Qualys Cloud Platform and its integrated suite of security and compliance applications provide organizations of all sizes with a global view of their security and compliance solutions, while drastically reducing their total cost of ownership. Qualys solutions include: continuous monitoring, vulnerability management, policy compliance, PCI compliance, security assessment questionnaire, web application scanning, web application firewall, malware detection and SECURE Seal for security testing of web sites.