November 2005 SmartDefense Services Bulletin

SmartDefense Services Bulletin

November 2005

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

In This Bulletin

About SmartDefense Services
What's New
Advisories
Security Best Practices
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

Preemptive, ongoing, and real-time updates to defenses and security policies
Ongoing new protocol and application defenses against emerging threats and attacks
Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
Anti-virus updates and alerts for Check Point VPN-1 Express CI
Anti-spyware updates for Check Point Integrity Anti-Spyware
Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)

What's New

On November 7th, Check Point introduced Integrity Anti-Spyware, an advanced spyware protection that is integrated into Check Point's leading endpoint security solution. Integrity Anti-Spyware detects spyware programs and provides automatic quarantining or removal of these threats. Integrity Anti-Spyware utilizes the SmartDefense Anti-Spyware Service to offer sophisticated anti-spyware protection updates. The updates are based on real-time spyware data provided by DefenseNet, a dynamic system that leverages the community of millions of Zone Labs ZoneAlarm users to proactively protect against emerging attacks. To learn more about Integrity Anti-Spyware, please visit http://www.checkpoint.com/products/home_promo/spyware.html.

Advisories (Sorted by Severity, then Date)


CPAI-2005-140
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Protection against Vulnerabilities in Microsoft Windows Distributed Transaction Coordinator (DTC) - MS05-051
	Sources:	Microsoft Security Bulletin MS05-051
	Vulnerable Systems:	Windows 2000 Professional Windows 2000 Server Windows Server 2003 Windows XP


CPAI-2005-137
	Date:
	Severity:
	Category:	Content Protection
	Description:	Preemptive Protection against a Vulnerability in Microsoft DirectShow (MS05-050)
	Sources:	Microsoft Security Bulletin MS05-050
	Vulnerable Systems:	DirectX 8.1 DirectX 9.0 Windows 2000 Windows 2003 Windows 2003 SP1 Windows ME Windows XP Windows XP SP2


CPAI-2005-136
	Date:
	Severity:
	Category:	MS-RPC
	Description:	Microsoft Windows LSASS Protection
	Sources:	Microsoft Security Bulletin MS04-011
	Vulnerable Systems:	Microsot Windows 2000 Microsoft Windows XP


CPAI-2005-147
	Date:
	Severity:
	Category:	Cross-Site Scripting
	Description:	Preemptive Protection against Sun Solaris Management Console HTTP TRACE Vulnerability
	Sources:	Sun Microsystems ID 102016
	Vulnerable Systems:	Sun Solaris 9 Operating System Sun Solaris 10 Operating System Sun Solaris 8 Operating System


CPAI-2005-146
	Date:
	Severity:
	Category:	Endpoint Security
	Description:	Integrity Clientless Security (ICS) version 3.7.39.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients


CPAI-2005-145
	Date:
	Severity:
	Category:	Instant Messengers
	Description:	Preemptive Protection against a Skype Heap Overflow Vulnerability
	Sources:	SKYPE-SB/2005-003
	Vulnerable Systems:	Skype for Windows: All releases prior to and including 1.4..83 Skype for Mac OS X: All releases prior to and including 1.3..16 Skype for Linux: All releases prior to and including 1.2..17 Skype for Pocket PC: All releases prior to and including 1.1..6


CPAI-2005-144
	Date:
	Severity:
	Category:	Endpoint Security
	Description:	Integrity Clientless Security (ICS) version 3.7.38.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients


CPAI-2005-143
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Protection against a Vulnerability in Windows Shell (MS05-049)
	Sources:	Microsoft Security Bulletin MS05-049
	Vulnerable Systems:	Windows 2000 Professional Windows 2000 Server


CPAI-2005-142
	Date:
	Severity:
	Category:	Endpoint Security
	Description:	Integrity Clientless Security (ICS) version 3.7.37.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients


CPAI-2005-141
	Date:
	Severity:
	Category:	Privileges Escalation
	Description:	Protection against a Directory Traversal Vulnerability in Windows FTP Client (MS05-044)
	Sources:	Microsoft Security Bulletin MS05-044
	Vulnerable Systems:	Windows 2000 Professional Windows 2000 Server Windows ME Windows Server 2003 Windows XP


CPAI-2005-139
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Preemptive Protection against Microsoft Plug and Play Vulnerability (MS05-047)
	Sources:	Microsoft Security Bulletin MS05-047
	Vulnerable Systems:	Windows 2000 Professional Windows 2000 Server Windows NT Windows NT TS Windows XP Windows XP SP2


CPAI-2005-138
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Vulnerability in the Microsoft Client Service for Netware (MS05-046)
	Sources:	Microsoft Security Bulletin MS05-046
	Vulnerable Systems:	Windows 2000 Windows 2003 Windows NT4 Windows XP Windows XP SP2


CPAI-2005-135
	Date:
	Severity:
	Category:	Endpoint security
	Description:	Integrity Clientless Security (ICS) version 3.7.36.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients


CPAI-2005-134
	Date:
	Severity:
	Category:	Remote Code Execution
	Description:	Preemptive Protection against Symantec Anti Virus Scan Engine Negative Content-Length Vulnerability
	Sources:	iDEFENSE Security Advisory 10.04.05
	Vulnerable Systems:	• Symantec AntiVirus Scan Engine 4.0 • Symantec AntiVirus Scan Engine 4.3 • Symantec AntiVirus Scan Engine for ISA 4.0 • Symantec AntiVirus Scan Engine for ISA 4.3 • Symantec AntiVirus Scan Engine for Netapp Filer 4.0 • Symantec AntiVirus Scan Engine for Messaging 4.3 • Symantec AntiVirus Scan Engine for Netapp NetCache 4.0 • Symantec AntiVirus Scan Engine for Network Attached Storage 4.3 • Symantec AntiVirus Scan Engine for Bluecoat 4.0 • Symantec AntiVirus Scan Engine for Caching 4.3 • Symantec AntiVirus Scan Engine for Microsoft SharePoint 4.3 • Symantec AntiVirus Scan Engine for Clearswift 4.0 • Symantec AntiVirus Scan Engine for Clearswift 4.3


CPAI-2005-133
	Date:
	Severity:
	Category:	Endpoint Security
	Description:	Integrity Clientless Security (ICS) version 3.7.35.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

Security Best Practices (Sorted by Severity, then Date)


CPSA-2005-14
	Date:
	Severity:
	Category:	Security Best Practices
	Description:	Protecting against Security Vulnerabilities in SSL Version 2
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Any application, client or server, using SSL version 2 encryption


CPSA-2005-13
	Date:
	Severity:
	Category:	Web Intelligence Protections
	Description:	Protecting Web Servers with Web Intelligence
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Web servers

Defense Updates


CPAI-2005-146
	Date:
	Update Number:	690051026 (Connectra 2.0) 691051026 (Connectra NGX)
	Description:	Integrity Clientless Security (ICS) version 3.7.39.0


CPAI-2005-144
	Date:
	Update Number:	690051020 (Connectra 2.0) 691051020 (Connectra NGX)
	Description:	Integrity Clientless Security (ICS) version 3.7.38.0


CPAI-2005-142
	Date:
	Update Number:	690051011 (Connectra 2.0) 691051011 (Connectra NGX)
	Description:	Integrity Clientless Security (ICS) version 3.7.37.0


CPAI-2005-140
	Date:
	Update Number:	541051011 (VPN-1 NG R55) 550051011 (VPN-1 NG R55W) 591051011 (VPN-1 NGX R60) 547051011 (InterSpect)
	Description:	Microsoft DTC protection (MS05-051)


CPAI-2005-139
	Date:
	Update Number:	541051011 (VPN-1 NG R55) 550051011 (VPN-1 NG R55W) 591051011 (VPN-1 NGX R60) 547051011 (InterSpect)
	Description:	Microsoft uPnP protection (MS05-047)


CPAI-2005-138
	Date:
	Update Number:	541051011 (VPN-1 NG R55) 550051011 (VPN-1 NG R55W) 591051011 (VPN-1 NGX R60) 547051011 (InterSpect)
	Description:	Microsoft Client Service for NetWare protection (MS05-046)


CPAI-2005-136
	Date:
	Update Number:	541051011 (VPN-1 NG R55) 550051011 (VPN-1 NG R55W) 591051011 (VPN-1 NGX R60) 547051011 (InterSpect)
	Description:	Microsoft Windows LSASS Protection


CPAI-2005-135
	Date:
	Update Number:	690051006 (Connectra 2.0) 691051006 (Connectra NGX)
	Description:	Integrity Clientless Security (ICS) version 3.7.36.0


CPSA-2005-133
	Date:
	Update Number:	690050929 (Connectra 2.0) 691050929 (Connectra NGX)
	Description:	Integrity Clientless Security (ICS) version 3.7.35.0

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).