SDS Banner

SmartDefense Services Bulletin
February 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2007-008
  Date:
  Severity:
  Description: Update Protection against Multiple Adobe Acrobat Vulnerabilities
  Sources: FrSIRT/ADV-2007-0032
  Vulnerable Systems: Adobe Reader version 7.0.8 and prior
Adobe Acrobat Standard version 7.0.8 and prior
Adobe Acrobat Professional version 7.0.8 and prior
Adobe Acrobat Elements version 7.0.8 and prior
     
CPAI-2007-007
  Date:
  Severity:
  Description: Update Protection against Vector Markup Language (VML) Remote Code Execution Vulnerability (MS07-004)
  Sources: Microsoft Security Bulletin MS07-004
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 7 on Microsoft Windows XP SP2
Microsoft Internet Explorer 7 on Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 7 on Microsoft Windows Server 2003
Microsoft Internet Explorer 7 on Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 7 on Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 7 on Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Internet Explorer 7 on Microsoft Windows Server 2003 x64 Edition
     
CPAI-2007-005
  Date:
  Severity:
  Description: Preemptive Protection against Novell NetMail IMAP 'APPEND' Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA23437
  Vulnerable Systems: Novell NetMail version 3.52 and prior
     
CPAI-2007-004
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows Media Player Remote Code Execution Vulnerabilities (MS06-078)
  Sources: Microsoft Security Bulletin MS06-078
  Vulnerable Systems: Microsoft Windows Media Format versions 7.1 through 9.5
Microsoft Windows Media Format version 9.5 (x64 Edition)
Microsoft Windows Media Player version 6.4
     
CPAI-2007-003
  Date:
  Severity:
  Description: Update Protection against Microsoft Outlook Express Windows Address Book Vulnerability (MS06-076)
  Sources: Microsoft Security Bulletin MS06-076
  Vulnerable Systems: Microsoft Outlook Express 5.5 SP2 on Windows 2000 SP4
Microsoft Outlook Express 6 SP1 on Windows 2000 SP4
Microsoft Outlook Express 6 on Windows XP SP2
Microsoft Outlook Express 6 on Windows XP Professional x64 Edition
Microsoft Outlook Express 6 on Windows Server 2003
Microsoft Outlook Express 6 on Windows Server 2003 SP1
Microsoft Outlook Express 6 on Windows Server 2003 x64 Edition
Microsoft Outlook Express 6 on Windows Server 2003 (Itanium)
Microsoft Outlook Express 6 on Windows Server 2003 SP1 (Itanium)
     
CPAI-2007-002
  Date:
  Severity:
  Description: Update Protection against Microsoft Internet Explorer TIF Folder Vulnerability (MS06-072)
  Sources: Microsoft Security Bulletin MS06-072
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4
Microsoft Internet Explorer 6 for Windows XP SP2
Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 for Windows Server 2003
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
     
CPAI-2007-001
  Date:
  Severity:
  Description: Update Protection against Microsoft Internet Explorer Memory Corruption Vulnerability (MS06-072)
  Sources: Microsoft Security Bulletin MS06-072
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4
Microsoft Internet Explorer 6 for Windows XP SP2
Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 for Windows Server 2003
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
     
CPAI-2007-010
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.131.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2007-009
  Date:
  Severity:
  Description: Preemptive Protection against FileCOPA FTP Server Buffer Overflow Vulnerability
  Sources: Secunia Research: 25/07/2006
  Vulnerable Systems: FileCOPA version 1.01 (released on 2006-07-18)
     
CPAI-2007-006
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.128.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2007-011
  Date:
  Severity:
  Description: Preemptive Protection against HP FTP Print Server Buffer Overflow Vulnerability
  Sources: FrSIRT/ADV-2006-5081
  Vulnerable Systems: Hewlett-Packard (HP) FTP Print Server version 2.4.5 and prior
     
Defense Updates
CPAI-2007-010
  Date:
  Update Number: 692070124 (Connectra NGX R61/R62)
691070124 (Connectra NGX)
690070124 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.131.0
     
CPAI-2007-008
  Date:
  Update Number: 541070121 (VPN-1 NG R54/R55)
550070121 (VPN-1 NG R55W)
591070121 (VPN-1 NGX R60)
602070121 (VPN-1 NGX R61/R62)
591070121 (VPN-1 VSX NGX)
547070121 (InterSpect 1.x and 2.0)
592070121 (InterSpect NGX)
692070121 (Connectra NGX R61/R62)
  Description: Multiple Adobe Acrobat Protections
     
CPAI-2007-007
  Date:
  Update Number: 541070121 (VPN-1 NG R55)
550070121 (VPN-1 NG R55W)
591070121 (VPN-1 NGX R60)
602070121 (VPN-1 NGX R61/R62)
591070121 (VPN-1 VSX NGX)
547070121 (InterSpect 1.x and 2.0)
592070121 (InterSpect NGX)
  Description: Microsoft Vector Markup Language Protection (MS07-004)
     
CPAI-2007-006
  Date:
  Update Number: 692070124 (Connectra NGX R61/R62)
691070124 (Connectra NGX)
690070124 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.128.0
     
CPAI-2007-004
  Date:
  Update Number: 541070103 (VPN-1 NG R55)
550070103 (VPN-1 NG R55W)
591070103 (VPN-1 NGX R60)
602070103 (VPN-1 NGX R61/R62)
591070103 (VPN-1 VSX NGX)
547070103 (InterSpect 1.x and 2.0)
592070103 (InterSpect NGX)
  Description: Microsoft Windows Media Player Protection (MS06-078)
     
CPAI-2007-003
  Date:
  Update Number: 541070103 (VPN-1 NG R55)
550070103 (VPN-1 NG R55W)
591070103 (VPN-1 NGX R60)
602070103 (VPN-1 NGX R61/R62)
591070103 (VPN-1 VSX NGX)
547070103 (InterSpect 1.x and 2.0)
592070103 (InterSpect NGX)
  Description: Microsoft Outlook Express WAB Protection (MS06-076)
     
CPAI-2007-002
  Date:
  Update Number: 541070103 (VPN-1 NG R54/R55)
550070103 (VPN-1 NG R55W)
591070103 (VPN-1 NGX R60)
602070103 (VPN-1 NGX R61/R62)
591070103 (VPN-1 VSX NGX)
547070103 (InterSpect 1.x and 2.0)
592070103 (InterSpect NGX)
  Description: Microsoft TIF Folder Protection (MS06-072)
     
CPAI-2007-001
  Date:
  Update Number: 541070103 (VPN-1 NG R55)
550070103 (VPN-1 NG R55W)
591070103 (VPN-1 NGX R60)
602070103 (VPN-1 NGX R61/R62)
591070103 (VPN-1 VSX NGX)
547070103 (InterSpect 1.x and 2.0)
592070103 (InterSpect NGX)
  Description: Microsoft Internet Explorer Memory Corruption Protection (MS06-072)
     
SBP-2007-02
  Date:
  Update Number: 591070103 (VPN-1 NGX R60)
602070103 (VPN-1 NGX R61/R62)
592070103 (InterSpect NGX)
  Description: Syslog Related Protections
     
SBP-2007-01
  Date:
  Update Number: 541070103 (VPN-1 NG R55)
550070103 (VPN-1 NG R55W)
591070103 (VPN-1 NGX R60)
602070103 (VPN-1 NGX R61/R62)
591070103 (VPN-1 VSX NGX)
547070103 (InterSpect 1.x and 2.0)
592070103 (InterSpect NGX)
692070103 (Connectra NGX R61/R62)
  Description: Malformed IMAP Commands Protections
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065