April 2007 SmartDefense Services Bulletin

SmartDefense Services Bulletin

April 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

Preemptive, ongoing, and real-time updates to defenses and security policies
Ongoing new protocol and application defenses against emerging threats and attacks
Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
Anti-virus updates and alerts for Check Point VPN-1 UTM
Anti-spyware updates for Check Point Integrity Anti-Spyware
Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)

Advisories (Sorted by Severity, then Date)


CPAI-2007-037
	Date:
	Severity:
	Description:	Preemptive Protection against Sourcefire Intrusion Sensor and Snort DCE/RPC Preprocessor Buffer Overflow Vulnerability
	Sources:	SecurityTracker: 1017669
	Vulnerable Systems:	Snort version 2.6.1 Snort version 2.6.1.1 Snort version 2.6.1.2 Snort version 2.7 beta 1 Sourcefire Intrusion Sensor versions 4.1.x Sourcefire Intrusion Sensor versions 4.5.x Sourcefire Intrusion Sensor versions 4.6.x Sourcefire Intrusion Sensor Software for Crossbeam versions 4.1.x Sourcefire Intrusion Sensor Software for Crossbeam versions 4.5.x Sourcefire Intrusion Sensor Software for Crossbeam versions 4.6.x

CPAI-2007-033
	Date:
	Severity:
	Description:	Update Protection against Microsoft Multiple COM Objects Vulnerability (MS07-016)
	Sources:	Microsoft Security Bulletin MS07-016
	Vulnerable Systems:	Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4 Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4 Microsoft Internet Explorer 6 for Windows XP SP2 Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition Microsoft Internet Explorer 6 for Windows Server 2003 Microsoft Internet Explorer 6 for Windows Server 2003 SP1 Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium) Microsoft Internet Explorer 6 for Windows Server 2003 SP1 (Itanium) Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition Microsoft Windows Internet Explorer 7 for Windows XP SP2 Microsoft Windows Internet Explorer 7 for Windows XP Professional x64 Edition Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 (Itanium) Microsoft Windows Internet Explorer 7 for Windows Server 2003 x64 Edition

CPAI-2007-032
	Date:
	Severity:
	Description:	Update Protection against Microsoft Data Access Components (MDAC) Remote Code Execution Vulnerability (MS07-009)
	Sources:	Microsoft Security Bulletin MS07-009
	Vulnerable Systems:	Microsoft Data Access Components 2.5 SP3 Microsoft Data Access Components 2.7 SP1 Microsoft Data Access Components 2.8 Microsoft Data Access Components 2.8 SP1

CPAI-2007-031
	Date:
	Severity:
	Description:	Update Protection against Microsoft Malware Protection Engine PDF Remote Code Execution Vulnerability (MS07-010)
	Sources:	Microsoft Security Bulletin MS07-010
	Vulnerable Systems:	Windows Live OneCare Microsoft Antigen for Exchange 9.x Microsoft Antigen for SMTP Gateway 9.x Microsoft Windows Defender Microsoft Windows Defender x64 Edition Microsoft Windows Defender in Windows Vista Microsoft Forefront Security for Exchange Server Microsoft Forefront Security for SharePoint

CPAI-2007-030
	Date:
	Severity:
	Description:	Update Protection against Microsoft Internet Explorer FTP Responses Remote Code Execution Vulnerability (MS07-016)
	Sources:	Microsoft Security Bulletin MS07-016
	Vulnerable Systems:	Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4 Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4 Microsoft Internet Explorer 6 for Windows XP SP2 Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition Microsoft Internet Explorer 6 for Windows Server 2003 Microsoft Internet Explorer 6 for Windows Server 2003 SP1 Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium) Microsoft Internet Explorer 6 for Windows Server 2003 SP1 (Itanium) Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition Microsoft Windows Internet Explorer 7 for Windows XP SP2 Microsoft Windows Internet Explorer 7 for Windows XP Professional x64 Edition Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 (Itanium) Microsoft Windows Internet Explorer 7 for Windows Server 2003 x64 Edition

CPAI-2007-029
	Date:
	Severity:
	Description:	Update Protection against Sun Solaris Telnet Bypass Vulnerability
	Sources:	Secunia Advisory: SA24120
	Vulnerable Systems:	Sun Solaris 10

CPAI-2007-028
	Date:
	Severity:
	Description:	Update Protection against Microsoft HTML Help ActiveX Control Remote Code Execution Vulnerability (MS07-008)
	Sources:	Microsoft Security Bulletin MS07-008
	Vulnerable Systems:	Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 (Itanium) Microsoft Windows Server 2003 SP1 (Itanium) Microsoft Windows Server 2003 x64 Edition

CPAI-2007-027
	Date:
	Severity:
	Description:	Update Protections against Microsoft Step-by-Step Interactive Training Remote Code Execution Vulnerability (MS07-005)
	Sources:	Microsoft Security Bulletin MS07-005
	Vulnerable Systems:	Step-by-Step Interactive Training for Microsoft Windows 2000 SP4 Step-by-Step Interactive Training for Microsoft Windows XP SP2 Step-by-Step Interactive Training for Microsoft Windows XP Professional x64 Edition Step-by-Step Interactive Training for Microsoft Windows Server 2003 Step-by-Step Interactive Training for Microsoft Windows Server 2003 SP1 Step-by-Step Interactive Training for Microsoft Windows Server 2003 (Itanium) Step-by-Step Interactive Training for Microsoft Windows Server 2003 SP1 for (Itanium) Step-by-Step Interactive Training for Microsoft Windows Server 2003 x64 Edition

CPAI-2007-026
	Date:
	Severity:
	Description:	Update Protections against Microsoft RTF Multiple Remote Code Execution Vulnerabilities (MS07-011, MS07-012, MS07-013)
	Sources:	Microsoft Security Bulletin MS07-011 Microsoft Security Bulletin MS07-012 Microsoft Security Bulletin MS07-013
	Vulnerable Systems:	Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 (Itanium) Microsoft Windows Server 2003 SP1 (Itanium) Microsoft Windows Server 2003 x64 Edition

CPAI-2007-039
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.147.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2007-038
	Date:
	Severity:
	Description:	Preemptive Protection against Snort Inline Fragmentation Denial of Service Vulnerability
	Sources:
	Vulnerable Systems:	Project Snort 2.6.1.1 Project Snort 2.6.1.2 Project Snort 2.7.0 beta

CPAI-2007-036
	Date:
	Severity:
	Description:	Preemptive Protection against MailEnable "APPEND" Buffer Overflow Vulnerability
	Sources:	FrSIRT/ADV-2007-0811
	Vulnerable Systems:	MailEnable Enterprise Edition version 2.37 and prior MailEnable Professional Edition version 2.37 and prior

CPAI-2007-035
	Date:
	Severity:
	Description:	Preemptive Protection against Mozilla Firefox Cross Domain Scripting Vulnerability
	Sources:	Secunia Advisory: SA24175
	Vulnerable Systems:	Mozilla Firefox version 2.0.0.1 and prior

CPAI-2007-034
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.144.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2007-025
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.142.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

Defense Updates


CPAI-2007-039
	Date:
	Update Number:	692070328 (Connectra NGX R61/R62) 691070328 (Connectra NGX R60) 690070328 (Connectra 2.0)
	Description:	Integrity Clientless Security (ICS) Update 3.7.147.0


CPAI-2007-034
	Date:
	Update Number:	692070314(Connectra NGX R61/R62) 691070314 (Connectra NGX R60) 690070314 (Connectra 2.0)
	Description:	Integrity Clientless Security (ICS) Update 3.7.144.0


CPAI-2007-033
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314 (VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX)
	Description:	Microsoft Multiple COM Objects Protection (MS07-016)


CPAI-2007-032
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314 (VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX)
	Description:	Microsoft Data Access Components Protection (MS07-009)


CPAI-2007-031
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314(VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX)
	Description:	Microsoft PDF Protection (MS07-010)


CPAI-2007-030
	Date:
	Update Number:	591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX) 692070314 (Connectra NGX R61/R62)
	Description:	Microsoft IE FTP Responses Protection (MS07-016)


CPAI-2007-029
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314 (VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX) 692070314 (Connectra NGX R61/R62)
	Description:	Sun Solaris Telnet Bypass Protection


CPAI-2007-028
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314 (VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX)
	Description:	Microsoft HTML Help ActiveX Control Protection (MS07-008)


CPAI-2007-027
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314 (VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX)
	Description:	Microsoft Step-by-Step Interactive Training Protection (MS07-005)


CPAI-2007-026
	Date:
	Update Number:	541070314 (VPN-1 NG R55) 550070314 (VPN-1 NG R55W) 591070314 (VPN-1 NGX R60) 602070314 (VPN-1 NGX R61/R62/R65) 591070314 (VPN-1 VSX NGX) 547070314 (InterSpect 1.x and 2.0) 592070314 (InterSpect NGX)
	Description:	Microsoft RTF Protections (MS07-011, MS07-012, MS07-013)


CPAI-2007-025
	Date:
	Update Number:	692070227 (Connectra NGX R61/R62) 691070227 (Connectra NGX R60) 690070227 (Connectra 2.0)
	Description:	Integrity Clientless Security (ICS) Update 3.7.142.0

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).