SDS Banner

SmartDefense Services Bulletin
November 2005

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
What's New
Advisories
Security Best Practices
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 Express CI
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
What's New

On November 7th, Check Point introduced Integrity Anti-Spyware, an advanced spyware protection that is integrated into Check Point's leading endpoint security solution. Integrity Anti-Spyware detects spyware programs and provides automatic quarantining or removal of these threats. Integrity Anti-Spyware utilizes the SmartDefense Anti-Spyware Service to offer sophisticated anti-spyware protection updates. The updates are based on real-time spyware data provided by DefenseNet, a dynamic system that leverages the community of millions of Zone Labs ZoneAlarm users to proactively protect against emerging attacks. To learn more about Integrity Anti-Spyware, please visit http://www.checkpoint.com/products/home_promo/spyware.html.

Advisories (Sorted by Severity, then Date)
CPAI-2005-140
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Protection against Vulnerabilities in Microsoft Windows Distributed Transaction Coordinator (DTC) - MS05-051
  Sources:

Microsoft Security Bulletin MS05-051

  Vulnerable Systems: Windows 2000 Professional
Windows 2000 Server
Windows Server 2003
Windows XP
     
CPAI-2005-137
  Date:
  Severity:
  Category: Content Protection
  Description: Preemptive Protection against a Vulnerability in Microsoft DirectShow (MS05-050)
  Sources: Microsoft Security Bulletin MS05-050
  Vulnerable Systems: DirectX 8.1
DirectX 9.0
Windows 2000
Windows 2003
Windows 2003 SP1
Windows ME
Windows XP
Windows XP SP2
     
CPAI-2005-136
  Date:
  Severity:
  Category: MS-RPC
  Description: Microsoft Windows LSASS Protection
  Sources:

Microsoft Security Bulletin MS04-011

  Vulnerable Systems: Microsot Windows 2000
Microsoft Windows XP
     
CPAI-2005-147
  Date:
  Severity:
  Category: Cross-Site Scripting
  Description: Preemptive Protection against Sun Solaris Management Console HTTP TRACE Vulnerability
  Sources: Sun Microsystems ID 102016
  Vulnerable Systems: Sun Solaris 9 Operating System
Sun Solaris 10 Operating System
Sun Solaris 8 Operating System
     
CPAI-2005-146
  Date:
  Severity:
  Category: Endpoint Security
  Description: Integrity Clientless Security (ICS) version 3.7.39.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients  
     
CPAI-2005-145
  Date:
  Severity:
  Category: Instant Messengers
  Description: Preemptive Protection against a Skype Heap Overflow Vulnerability
  Sources:

SKYPE-SB/2005-003

  Vulnerable Systems:  Skype for Windows:
All releases prior to and including 1.4.*.83

Skype for Mac OS X:
All releases prior to and including 1.3.*.16

Skype for Linux:
All releases prior to and including 1.2.*.17

Skype for Pocket PC:
All releases prior to and including 1.1.*.6

     
CPAI-2005-144
  Date:
  Severity:
  Category: Endpoint Security
  Description: Integrity Clientless Security (ICS) version 3.7.38.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients  
     
CPAI-2005-143
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Protection against a Vulnerability in Windows Shell (MS05-049)
  Sources:

Microsoft Security Bulletin MS05-049

  Vulnerable Systems: Windows 2000 Professional
Windows 2000 Server
     
CPAI-2005-142
  Date:
  Severity:
  Category: Endpoint Security
  Description: Integrity Clientless Security (ICS) version 3.7.37.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients  
     
CPAI-2005-141
  Date:
  Severity:
  Category: Privileges Escalation
  Description: Protection against a Directory Traversal Vulnerability in Windows FTP Client (MS05-044)
  Sources: Microsoft Security Bulletin MS05-044
  Vulnerable Systems: Windows 2000 Professional
Windows 2000 Server
Windows ME
Windows Server 2003
Windows XP
     
CPAI-2005-139
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Preemptive Protection against Microsoft Plug and Play Vulnerability (MS05-047)
  Sources:

Microsoft Security Bulletin MS05-047

  Vulnerable Systems: Windows 2000 Professional
Windows 2000 Server
Windows NT
Windows NT TS
Windows XP
Windows XP SP2
     
CPAI-2005-138
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Vulnerability in the Microsoft Client Service for Netware (MS05-046)
  Sources: Microsoft Security Bulletin MS05-046
  Vulnerable Systems: Windows 2000
Windows 2003
Windows NT4
Windows XP
Windows XP SP2
     
CPAI-2005-135
  Date:
  Severity:
  Category: Endpoint security
  Description: Integrity Clientless Security (ICS) version 3.7.36.0
  Sources:  SmartDefense Research Center
  Vulnerable Systems:  Microsoft Windows clients
     
CPAI-2005-134
  Date:
  Severity:
  Category: Remote Code Execution
  Description: Preemptive Protection against Symantec Anti Virus Scan Engine Negative Content-Length Vulnerability
  Sources:

iDEFENSE Security Advisory 10.04.05

  Vulnerable Systems:

• Symantec AntiVirus Scan Engine 4.0
• Symantec AntiVirus Scan Engine 4.3
• Symantec AntiVirus Scan Engine for ISA 4.0
• Symantec AntiVirus Scan Engine for ISA 4.3
• Symantec AntiVirus Scan Engine for Netapp Filer 4.0
• Symantec AntiVirus Scan Engine for Messaging 4.3
• Symantec AntiVirus Scan Engine for Netapp NetCache 4.0
• Symantec AntiVirus Scan Engine for Network Attached Storage 4.3
• Symantec AntiVirus Scan Engine for Bluecoat 4.0
• Symantec AntiVirus Scan Engine for Caching 4.3
• Symantec AntiVirus Scan Engine for Microsoft SharePoint 4.3
• Symantec AntiVirus Scan Engine for Clearswift 4.0
• Symantec AntiVirus Scan Engine for Clearswift 4.3

     
CPAI-2005-133
  Date:
  Severity:
  Category: Endpoint Security
  Description: Integrity Clientless Security (ICS) version 3.7.35.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
Security Best Practices (Sorted by Severity, then Date)
CPSA-2005-14
  Date:
  Severity:
  Category: Security Best Practices
  Description: Protecting against Security Vulnerabilities in SSL Version 2
  Sources: SmartDefense Research Center
  Vulnerable Systems: Any application, client or server, using SSL version 2 encryption
     
CPSA-2005-13
  Date:
  Severity:
  Category: Web Intelligence Protections
  Description: Protecting Web Servers with Web Intelligence
  Sources: SmartDefense Research Center
  Vulnerable Systems: Web servers
     
Defense Updates
CPAI-2005-146
  Date:
  Update Number: 690051026 (Connectra 2.0)
691051026 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.39.0
     
CPAI-2005-144
  Date:
  Update Number: 690051020 (Connectra 2.0)
691051020 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.38.0
     
CPAI-2005-142
  Date:
  Update Number: 690051011 (Connectra 2.0)
691051011 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.37.0
     
CPAI-2005-140
  Date:
  Update Number: 541051011 (VPN-1 NG R55)
550051011 (VPN-1 NG R55W)
591051011 (VPN-1 NGX R60)
547051011 (InterSpect)
  Description: Microsoft DTC protection (MS05-051)
     
CPAI-2005-139
  Date:
  Update Number: 541051011 (VPN-1 NG R55)
550051011 (VPN-1 NG R55W)
591051011 (VPN-1 NGX R60)
547051011 (InterSpect)
  Description: Microsoft uPnP protection (MS05-047)
     
CPAI-2005-138
  Date:
  Update Number: 541051011 (VPN-1 NG R55)
550051011 (VPN-1 NG R55W)
591051011 (VPN-1 NGX R60)
547051011 (InterSpect)
  Description: Microsoft Client Service for NetWare protection (MS05-046)
     
CPAI-2005-136
  Date:
  Update Number: 541051011 (VPN-1 NG R55)
550051011 (VPN-1 NG R55W)
591051011 (VPN-1 NGX R60)
547051011 (InterSpect)
  Description: Microsoft Windows LSASS Protection
     
CPAI-2005-135
  Date:
  Update Number: 690051006 (Connectra 2.0)
691051006 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.36.0
     
CPSA-2005-133
  Date:
  Update Number: 690050929 (Connectra 2.0)
691050929 (Connectra NGX)
  Description: Integrity Clientless Security (ICS) version 3.7.35.0
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065