SDS Banner

SmartDefense Services Bulletin
April 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2007-037
  Date:
  Severity:
  Description: Preemptive Protection against Sourcefire Intrusion Sensor and Snort DCE/RPC Preprocessor Buffer Overflow Vulnerability
  Sources: SecurityTracker: 1017669
  Vulnerable Systems: Snort version 2.6.1
Snort version 2.6.1.1
Snort version 2.6.1.2
Snort version 2.7 beta 1
Sourcefire Intrusion Sensor versions 4.1.x
Sourcefire Intrusion Sensor versions 4.5.x
Sourcefire Intrusion Sensor versions 4.6.x
Sourcefire Intrusion Sensor Software for Crossbeam versions 4.1.x
Sourcefire Intrusion Sensor Software for Crossbeam versions 4.5.x
Sourcefire Intrusion Sensor Software for Crossbeam versions 4.6.x
     
CPAI-2007-033
  Date:
  Severity:
  Description: Update Protection against Microsoft Multiple COM Objects Vulnerability (MS07-016)
  Sources: Microsoft Security Bulletin MS07-016
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4
Microsoft Internet Explorer 6 for Windows XP SP2
Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 for Windows Server 2003
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 SP1 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
Microsoft Windows Internet Explorer 7 for Windows XP SP2
Microsoft Windows Internet Explorer 7 for Windows XP Professional x64 Edition
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 (Itanium)
Microsoft Windows Internet Explorer 7 for Windows Server 2003 x64 Edition
     
CPAI-2007-032
  Date:
  Severity:
  Description: Update Protection against Microsoft Data Access Components (MDAC) Remote Code Execution Vulnerability (MS07-009)
  Sources: Microsoft Security Bulletin MS07-009
  Vulnerable Systems: Microsoft Data Access Components 2.5 SP3
Microsoft Data Access Components 2.7 SP1
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.8 SP1
     
CPAI-2007-031
  Date:
  Severity:
  Description: Update Protection against Microsoft Malware Protection Engine PDF Remote Code Execution Vulnerability (MS07-010)
  Sources: Microsoft Security Bulletin MS07-010
  Vulnerable Systems: Windows Live OneCare
Microsoft Antigen for Exchange 9.x
Microsoft Antigen for SMTP Gateway 9.x
Microsoft Windows Defender
Microsoft Windows Defender x64 Edition
Microsoft Windows Defender in Windows Vista
Microsoft Forefront Security for Exchange Server
Microsoft Forefront Security for SharePoint
     
CPAI-2007-030
  Date:
  Severity:
  Description: Update Protection against Microsoft Internet Explorer FTP Responses Remote Code Execution Vulnerability (MS07-016)
  Sources: Microsoft Security Bulletin MS07-016
  Vulnerable Systems: Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4
Microsoft Internet Explorer 6 for Windows XP SP2
Microsoft Internet Explorer 6 for Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 for Windows Server 2003
Microsoft Internet Explorer 6 for Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 SP1 (Itanium)
Microsoft Internet Explorer 6 for Windows Server 2003 x64 Edition
Microsoft Windows Internet Explorer 7 for Windows XP SP2
Microsoft Windows Internet Explorer 7 for Windows XP Professional x64 Edition
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1
Microsoft Windows Internet Explorer 7 for Windows Server 2003 SP1 (Itanium)
Microsoft Windows Internet Explorer 7 for Windows Server 2003 x64 Edition
     
CPAI-2007-029
  Date:
  Severity:
  Description: Update Protection against Sun Solaris Telnet Bypass Vulnerability
  Sources: Secunia Advisory: SA24120
  Vulnerable Systems: Sun Solaris 10
     
CPAI-2007-028
  Date:
  Severity:
  Description: Update Protection against Microsoft HTML Help ActiveX Control Remote Code Execution Vulnerability (MS07-008)
  Sources: Microsoft Security Bulletin MS07-008
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2007-027
  Date:
  Severity:
  Description: Update Protections against Microsoft Step-by-Step Interactive Training Remote Code Execution Vulnerability (MS07-005)
  Sources: Microsoft Security Bulletin MS07-005
  Vulnerable Systems: Step-by-Step Interactive Training for Microsoft Windows 2000 SP4
Step-by-Step Interactive Training for Microsoft Windows XP SP2
Step-by-Step Interactive Training for Microsoft Windows XP Professional x64 Edition
Step-by-Step Interactive Training for Microsoft Windows Server 2003
Step-by-Step Interactive Training for Microsoft Windows Server 2003 SP1
Step-by-Step Interactive Training for Microsoft Windows Server 2003 (Itanium)
Step-by-Step Interactive Training for Microsoft Windows Server 2003 SP1 for (Itanium)
Step-by-Step Interactive Training for Microsoft Windows Server 2003 x64 Edition
     
CPAI-2007-026
  Date:
  Severity:
  Description: Update Protections against Microsoft RTF Multiple Remote Code Execution Vulnerabilities (MS07-011, MS07-012, MS07-013)
  Sources: Microsoft Security Bulletin MS07-011
Microsoft Security Bulletin MS07-012
Microsoft Security Bulletin MS07-013
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
     
CPAI-2007-039
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.147.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2007-038
  Date:
  Severity:
  Description: Preemptive Protection against Snort Inline Fragmentation Denial of Service Vulnerability
  Sources:
  Vulnerable Systems: Project Snort 2.6.1.1
Project Snort 2.6.1.2
Project Snort 2.7.0 beta
     
CPAI-2007-036
  Date:
  Severity:
  Description: Preemptive Protection against MailEnable "APPEND" Buffer Overflow Vulnerability
  Sources: FrSIRT/ADV-2007-0811
  Vulnerable Systems: MailEnable Enterprise Edition version 2.37 and prior
MailEnable Professional Edition version 2.37 and prior
     
CPAI-2007-035
  Date:
  Severity:
  Description: Preemptive Protection against Mozilla Firefox Cross Domain Scripting Vulnerability
  Sources: Secunia Advisory: SA24175
  Vulnerable Systems: Mozilla Firefox version 2.0.0.1 and prior
     
CPAI-2007-034
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.144.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2007-025
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.142.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
Defense Updates
CPAI-2007-039
  Date:
  Update Number: 692070328 (Connectra NGX R61/R62)
691070328 (Connectra NGX R60)
690070328 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.147.0
     
CPAI-2007-034
  Date:
  Update Number: 692070314(Connectra NGX R61/R62)
691070314 (Connectra NGX R60)
690070314 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.144.0
     
CPAI-2007-033
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314 (VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
  Description: Microsoft Multiple COM Objects Protection (MS07-016)
     
CPAI-2007-032
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314 (VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
  Description: Microsoft Data Access Components Protection (MS07-009)
     
CPAI-2007-031
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314(VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
  Description: Microsoft PDF Protection (MS07-010)
     
CPAI-2007-030
  Date:
  Update Number: 591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
692070314 (Connectra NGX R61/R62)
  Description: Microsoft IE FTP Responses Protection (MS07-016)
     
CPAI-2007-029
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314 (VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
692070314 (Connectra NGX R61/R62)
  Description: Sun Solaris Telnet Bypass Protection
     
CPAI-2007-028
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314 (VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
  Description: Microsoft HTML Help ActiveX Control Protection (MS07-008)
     
CPAI-2007-027
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314 (VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
  Description: Microsoft Step-by-Step Interactive Training Protection (MS07-005)
     
CPAI-2007-026
  Date:
  Update Number: 541070314 (VPN-1 NG R55)
550070314 (VPN-1 NG R55W)
591070314 (VPN-1 NGX R60)
602070314 (VPN-1 NGX R61/R62/R65)
591070314 (VPN-1 VSX NGX)
547070314 (InterSpect 1.x and 2.0)
592070314 (InterSpect NGX)
  Description: Microsoft RTF Protections (MS07-011, MS07-012, MS07-013)
     
CPAI-2007-025
  Date:
  Update Number: 692070227 (Connectra NGX R61/R62)
691070227 (Connectra NGX R60)
690070227 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.142.0
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065