Check Point Advisories

Preemptive Protection against Microsoft Windows TCP/IP Driver Denial of Service (MS13-049; CVE-2013-3138)

Check Point Reference: CPAI-2013-1888
Date Published: 11 Jun 2013
Severity: Critical
Last Updated: Saturday 20 April, 2024
Source: CVE-2013-3138
Protection Provided by:

Security Gateway
R70

  • R71
  • R75

    		•
    Who is Vulnerable? Windows Vista
    Windows Server 2008
    Windows 7
    Windows Server 2008 R2
    Windows 8
    Windows Server 2012
    Windows RT
    Vulnerability Description A denial of service vulnerability has been reported in the TCP/IP driver of Microsoft Windows.
    Update/Patch AvaliableApply patches from: MS13-049

    Protection Overview

    This protection will detect and block attempts to exploit these vulnerabilities.
    No update is required to address this vulnerability. Users are protected against this vulnerability if the SYN Attack protection found in the SmartDashboard has been activated.

    Security Gateway R75 / R71 / R70

    1. In the IPS tab, click Protections, find the SYN Attack protection using the Search tool and double-click on the protection. 
    2. In the Protection Details window, select the required profile and click on Edit. Choose the protection's Action (Override IPS Policy with: Prevent/Detect), and apply Additional Settings. 
    3. Configure the protection to your requirements. 
    4. Install policy on all modules.

      5. SmartView Tracker will log the following entries:
      Attack Information: Under SYN attack - Switching to active protection
      Attack Information: SYN attack abated - Switching to passive protection

    ×
      Feedback
    This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
    OK