Improved TomTom WEBFLEET® from TomTom WORK is smarter, more interactive and even easier to use

CeBIT – Hanover, 4 March 2008: TomTom WORK, the business-to-business division of TomTom, today introduces a new and enhanced TomTom WEBFLEET service, a market-leading on-line fleet management, order tracking and reporting service accessible 24 hours a day from any Internet-enabled PC.

Users will find the new TomTom WEBFLEET more interactive, highly intuitive and easier to use than its predecessor. The result is a system that makes a business smarter and more cost effective by placing intelligence at the user’s fingertips.

Users now have a choice of maps – either the TomTom WEBFLEET map, which is frequently updated by the TomTom community with TomTom Map Share™, or the satellite map that is able to provide a realistic view up to street level. The ability to see the precise location of all vehicles at a glance and instantly send a message to any of them at a click of a mouse, means that jobs can always be allocated to the one that is best positioned. Additionally, the dispatcher can intelligently plan job allocations taking the actual traffic information into account as the TomTom WEBFLEET’s map will feature up-to-date traffic information.

The newly-designed interface means that features have been grouped functionally for specific tasks that need to be performed. For quick viewing the user can simply drag the map across the screen or use the mouse to zoom in and out.

“The new and improved WEBFLEET from TomTom WORK brings more and better intelligence right into the heart of a business,” said Thomas Becher, commercial director TomTom WORK. “It creates synergies between all employees making each one more effective, more efficient, more productive and better able to contribute to the bottom line.”

Targeted mainly at small and medium-sized businesses, TomTom WEBFLEET is at the centre of TomTom WORK’s connected navigation solution. This provides a link between a company’s base, its vehicles and its back-office functions in an integrated and cost-effective way. It enables:

• efficient planning;
• vehicle tracking and consignment tracing in real time;
• easier compilation of reports on vehicle usage and mileages;
• fast and effective navigation for drivers; and
• instant two-way communication.

TomTom WEBFLEET can be used across a broad range of businesses and is particularly suited to those where fast response times are critical and where it’s vital to keep customers informed of progress.

The new TomTom WEBFLEET will be available during Q2 2008.

Watchguard Releases WatchGuard SSL 500 and the SSL 1000

New! SSL Appliances from WatchGuard^® Later this month, WatchGuard will release two important new products – the WatchGuard SSL 500 and the SSL 1000. Now that SSL has gone mainstream and basic features have standardized among most vendors, the new WatchGuard SSL is just what the market has been asking for and is a genuine standout for many reasons. 

• Supports the widest range of applications and resources – so your customers have access to the tools they need to stay productive
• Offers the broadest range of mobile device and platform support in its class – making access available from virtually anywhere
• Includes powerful mid-point and endpoint security – to ensure connecting devices are healthy and up-to-date, so your network infrastructure stays that way
• Provides flexible, extensible authentication – with more options than competitors, including software and SMS tokens to streamline and reduce the cost of remote access
• Has lowest total cost of ownership – unlike competitors who charge extra for advanced features, WatchGuard SSL comes complete with every option at a standard price

Multiple Vulnerabilities in Sun Java for Windows, Solaris, Linux

Severity: Medium

7 March 2008

Summary:

• These vulnerabilities affect: All versions of Sun Java Runtime Environment (JRE) released before 4 March, on Windows, Solaris, and Linux platforms
• How an attacker exploits them: By enticing your users to a malicious web page that contains a specially crafted Java applet or application
• Impact: Various results; in the worst case, attacker can gain complete control of your computer
• What to do: Install the appropriate JRE update as soon as possible

Exposure:

Java is a programming language (first implemented by Sun Microsystems) used most often to add neat features to Web pages. Most operating systems today implement a Java interpreter to recognize and process Java code from Web sites and other sources. Sun’s Java Runtime Environment (JRE) is one of the most popular Java interpreters currently used on the Internet.

Yesterday, US-CERT released a security alert warning of multiple vulnerabilities that affect all previous versions of Sun JRE (as well as Sun Java SDK) running on Windows, Solaris and Linux platforms. While the vulnerabilities differ quite a bit technically, an attacker can exploit them all in a similar manner. If an attacker can entice one of your users to download a malicious Java applet or application from a web page or HTML e-mail, he can exploit these vulnerabilities in a variety of ways. He can cause JRE to crash, to access local files on your user’s hard drive, or to execute local applications on your user’s PC. In the worst case, the attacker could even execute arbitrary code of his own choosing. And if your users have local administrative privileges, the attacker could potentially exploit some of these flaws to gain complete control of your users’ machines.

If you run a Solaris or Linux network, you probably know whether or not you use Sun JRE (in most cases, you do). If you manage a Windows network, however, your answer is less clear. In the past, Windows shipped with Microsoft’s own Java interpreter, called Java Virtual Machine (MSJVM); since these editions of IE use MSJVM to interpret Java applets, most Windows users who browse with IE aren’t vulnerable to this flaw. Because of a legal conflict with Sun, though, Microsoft had to discontinue the use of MSJVM in its most recent versions of Windows. For instance, MSJVM doesn’t ship with Windows Server 2003 or the Windows XP installer that comes with prepackaged SP1a or SP2 (XP users who upgraded to SP1 or SP2 on their own retain MSJVM). These newer Windows releases require that you download your own Java interpreter; in which case, you probably do have Sun JRE and need to update as soon as possible.

If you’re unsure what your version of IE uses to interpret Java, there’s an easy way to find out. In IE, click on Tools => Internet Options => Advanced tab. Scroll down to the Microsoft VM section and check “Java console enabled.” Restart IE and then click View => Java Console. A window opens which displays the name and version number of the Java interpreter your IE browser uses. If you’re not using Sun JRE, the vulnerability doesn’t affect you.

Solution Path:

Sun has released various JRE and SDK updates to correct these issues. If you use Sun JRE in your network, download and deploy the corresponding updates as soon as possible:

• JRE and JDK 6.0: Download JRE or JDK 6.0 Update 5
• JRE and JDK 5.0: Download JRE or JDK 5.0 Update 15
• JRE and SDK 1.4.x: Download JRE or SDK 1.4.2_17
• JRE and SDK 1.3.x: Download JRE or SDK 1.3.1_22

For All WatchGuard Users:

Some of WatchGuard’s Firebox models allow you to prevent your users from downloading Java applets from Web sites. Doing so, however, also cripples legitimate Web sites using Java applets. If you do not want to block Java applets, download the appropriate Sun JRE updates as soon as possible.

To learn how to use your Firebox’s HTTP proxy to block Java applets, see the “Deny Java Applets” section of the HTTP Proxy Advanced FAQ.

Status:

Sun has issued updates to correct these issues.

References:

• US-CERT’s JRE Alert
• Secunia Advisory