US2012131678A1PendingUtilityA1

System, method and computer program product for virtual patching

48
Assignee: HOROVITZ ODEDPriority: Aug 1, 2005Filed: Jan 31, 2012Published: May 24, 2012
Est. expiryAug 1, 2025(expired)· nominal 20-yr term from priority
G06F 21/577
48
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system, method, and computer program product are provided for virtual patching. Initially, information associated with at least one vulnerability of a computer application is collected. Further, at least one host interface is identified that is capable of being used to access the vulnerability. In use, data sent to the at least one host interface is analyzed to determine whether the data is unwanted, based on the information.

Claims

exact text as granted — not AI-modified
1 - 21 . (canceled) 
     
     
         22 . A method, comprising:
 identifying a host interface that is capable of being used to access a vulnerability of a computer application;   recording a vector associated with a root cause of the vulnerability;   intercepting a call attempting to access the host interface; and   validating the call based on the root cause.   
     
     
         23 . The method of  claim 22 , further comprising creating a software exception if data associated with the call is unwanted. 
     
     
         24 . The method of  claim 22 , further comprising suspending a thread if data associated with the call is unwanted. 
     
     
         25 . The method of  claim 22 , further comprising terminating execution of a process associated with the call. 
     
     
         26 . The method of  claim 22 , wherein the vector comprises a location of the vulnerability. 
     
     
         27 . The method of  claim 22 , wherein the vector comprises input vectors capable of exploiting the vulnerability. 
     
     
         28 . The method of  claim 22 , wherein the vector comprises information associated with the root cause. 
     
     
         29 . The method of  claim 22 , wherein the vector is recorded in a same form as an object in which the vulnerability is located. 
     
     
         30 . A computer program product embodied on a non-transitory computer readable medium for performing operations, the operations comprising:
 identifying a host interface that is capable of being used to access a vulnerability of a computer application;   recording a vector associated with a root cause of the vulnerability;   intercepting a call attempting to access the host interface; and   validating the call based on the root cause.   
     
     
         31 . The computer program product of  claim 30 , wherein the operations further comprise creating a software exception if data associated with the call is unwanted. 
     
     
         32 . The computer program product of  claim 30 , wherein the operations further comprise suspending a thread if data associated with the call is unwanted. 
     
     
         33 . The computer program product of  claim 30 , wherein the operations further comprise terminating execution of a process associated with the call. 
     
     
         34 . The computer program product of  claim 30 , wherein the vector comprises a location of the vulnerability. 
     
     
         35 . The computer program product of  claim 30 , wherein the vector comprises input vectors capable of exploiting the vulnerability. 
     
     
         36 . The computer program product of  claim 30 , wherein the vector comprises information associated with the root cause. 
     
     
         37 . The computer program product of  claim 30 , wherein the vector is recorded in a same form as an object in which the vulnerability is located. 
     
     
         38 . A system, comprising:
 a processor configured for executing non-transitory instructions stored in a memory, wherein the system is configured for:
 identifying a host interface that is capable of being used to access a vulnerability of a computer application; 
 recording a vector associated with a root cause of the vulnerability; 
 intercepting a call attempting to access the host interface; and 
 validating the call based on the root cause. 
   
     
     
         39 . The system of  claim 38 , wherein the vector comprises a location of the vulnerability. 
     
     
         40 . The system of  claim 38 , wherein the vector comprises input vectors capable of exploiting the vulnerability. 
     
     
         41 . The system of  claim 38 , wherein the vector comprises information associated with the root cause.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.