SUNNYVALE, Calif., June 25, 2004 -- Blue Coat™ Systems, Inc. (Nasdaq: BCSI), a leading provider of proxy appliances, today announced that its ProxySG™ and ProxyAV™ appliances safeguard organizations from threats exploiting the recently discovered HTTP Redirect Vulnerability in Microsoft Internet Explorer (IE), including the JS/Scob Trojan. This widespread vulnerability can allow hackers to take control of desktop computers and extract confidential information from corporate systems.

Symptoms
A vulnerability has been discovered in Microsoft's Internet Explorer, which fails to assess the security attributes of a Web page being served by an infected Web server. This vulnerability allows an attacker to execute code within the "Local Machine Zone" security domain on desktop computers (a security setting treated with a high-level of trust because it assumes only content on the user's machine is being accessed). The vulnerability is currently being exploited by the JS/Scob Trojan, also known as Download.Ject, which communicates from infected desktop computers to a malicious Web server. It then downloads spyware that can transmit confidential information, such as financial data and passwords, to the malicious source outside the network. Future variants could download other types of malicious code.

Solution
Blue Coat proxy appliances are designed to provide a secure layer between users on the network and the Web. Using Blue Coat, organizations can safeguard against threats that exploit vulnerabilities in IE Web browsers. Blue Coat's solution is uniquely capable of mitigating this IE vulnerability, and preventing a Web server from loading malicious code on a desktop computer, because of its comprehensive visibility and control over the Web channel. Blue Coat provides protection on multiple layers:

1. Blue Coat's ProxySG appliances are capable of reviewing all incoming response headers for location requests, and blocking those that are invalid.
2. The ProxySG directs Web content susceptible to virus infection to the ProxyAV appliance, where the JS/Scob remote access Trojan can be detected and deleted. This provides a signature-based layer that complements the ProxySG's capabilities.
3. The ProxySG acts as a "middle-man" between users on the network and Internet to terminate any unauthorized attempted communication of confidential information. This further mitigates risks if the Trojan already exists on any desktop computers.
4. The ProxySG also supports blocking by "user-agent type" to restrict the use of browser versions that are subject to this vulnerability.
5. As an added measure, the ProxySG appliance enables administrators to explicitly block known Web sites or files that contain malicious code.

Blue Coat recommends that customers reference the Technical Brief titled "Addressing IE Vulnerabilities" for more instructions on configuring its ProxySG appliances to avert the threats posed by IE vulnerabilities. Those interested in learning more about the benefits of proxy appliances should also visit http://www.bluecoat.com for information.