SDS Banner

SmartDefense Services Bulletin
June 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2007-066
  Date:
  Severity:
  Description: Update Protection against Multiple Microsoft Internet Explorer Remote Code Execution Vulnerabilities (MS07-027)
  Sources: Microsoft Security Bulletin MS07-027
  Vulnerable Systems: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Windows XP Professional x64 Edition SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Windows Server 2003 with SP2 (Itanium)
Microsoft Windows Server 2003 x64 Edition SP1
Microsoft Windows Server 2003 x64 Edition SP2
Windows Vista
Windows Vista x64 Edition
     
CPAI-2007-065
  Date:
  Severity:
  Description: Update Protection against IBM Lotus Domino Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA24633
  Vulnerable Systems: IBM Lotus Domino 6.x prior to 6.5.6
IBM Lotus Domino 7.x prior to 7.0.2 FP1
     
CPAI-2007-064
  Date:
  Severity:
  Description: Update Protection against Microsoft CAPICOM Remote Code Execution Vulnerability (MS07-028)
  Sources: Microsoft Security Bulletin MS07-028
  Vulnerable Systems: CAPICOM
Platform SDK Redistributable: CAPICOM
BizTalk Server 2004 SP1
BizTalk Server 2004 SP2
     
CPAI-2007-057
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft Exchange IMAP Literals Remote Code Execution Vulnerability (MS07-026)
  Sources: Microsoft Security Bulletin MS07-026
  Vulnerable Systems: Microsoft Exchange Server 2007
Microsoft Exchange Server 2003 SP1
Microsoft Exchange Server 2003 SP2
Microsoft Exchange 2000 Server SP3 with the Exchange 2000 Post-SP3 Update Rollup of August 2004
     
CPAI-2007-063
  Date:
  Severity:
  Description: Update Protection against Sun Java GIF Image Remote Code Execution Vulnerability
  Sources: FrSIRT/ADV-2007-0211
  Vulnerable Systems: Sun JDK version 5.0 Update 9 and prior
Sun SDK version 1.4.2_12 and prior
Sun SDK version 1.3.1_18 and prior
Sun JRE version 5.0 Update 9 and prior
Sun JRE version 1.4.2_12 and prior
Sun JRE version 1.3.1_18 and prior
     
CPAI-2007-062
  Date:
  Severity:
  Description: Update Protection against McAfee ePolicy Orchestrator SiteManager Multiple Buffer Overflow Vulnerabilities
  Sources: Secunia Advisory: SA24466
  Vulnerable Systems: McAfee ePolicy Orchestrator 3.5.0 (Patch 7 and prior)
McAfee ePolicy Orchestrator 3.6.0 (Patch 5 and prior)
McAfee ePolicy Orchestrator 3.6.1
McAfee Protection Pilot 1.1.1 (Patch 3 and prior)
McAfee Protection Pilot 1.5.0
     
CPAI-2007-061
  Date:
  Severity:
  Description: Update Protection against Multiple Symantec SupportSoft ActiveX Control Buffer Overflow Vulnerabilities
  Sources: Secunia Advisory: SA24251
  Vulnerable Systems: SupportSoft ActiveX Controls versions 5.x
SupportSoft ActiveX Controls versions 6.x
     
CPAI-2007-059
  Date:
  Severity:
  Description: Update Protection against Apple Mac OS X GIF Image Remote Code Execution Vulnerability
  Sources: Secunia Advisory: SA24479
  Vulnerable Systems: Apple Mac OS X version 10.4.8
     
CPAI-2007-056
  Date:
  Severity:
  Description: Preemptive Protection against Adobe Products PNG Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA25044
  Vulnerable Systems: Adobe Systems Adobe Photoshop CS 2
Adobe Systems Adobe Photoshop CS 3
Adobe Systems Adobe Photoshop Elements (Editor) for Windows 5.0
     
CPAI-2007-060
  Date:
  Severity:
  Description: Update Protection against Mercury Mail Transport System Data Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA22857
  Vulnerable Systems: Mercury Mail Transport System 4.01b
     
CPAI-2007-058
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.154.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
Defense Updates
CPAI-2007-066
  Date:
  Update Number: 541070517 (VPN-1 NG R55)
550070517 (VPN-1 NG R55W)
591070517 (VPN-1 NGX R60)
602070517 (VPN-1 NGX R61/R62/R65)
591070517 (VPN-1 VSX NGX)
547070517 (InterSpect 1.x and 2.0)
592070517 (InterSpect NGX)
  Description: Multiple Microsoft Internet Explorer Protections (MS07-027)
     
CPAI-2007-065
  Date:
  Update Number: 541070517 (VPN-1 NG R55)
550070517 (VPN-1 NG R55W)
591070517 (VPN-1 NGX R60)
602070517 (VPN-1 NGX R61/R62/R65)
591070517 (VPN-1 VSX NGX)
692070517 (Connectra R61/R62)
547070517 (InterSpect 1.x and 2.0)
592070517 (InterSpect NGX)
  Description: IBM Lotus Domino Protection
     
CPAI-2007-064
  Date:
  Update Number: 541070517 (VPN-1 NG R55)
550070517 (VPN-1 NG R55W)
591070517 (VPN-1 NGX R60)
602070517 (VPN-1 NGX R61/R62/R65)
591070517 (VPN-1 VSX NGX)
547070517 (InterSpect 1.x and 2.0)
592070517 (InterSpect NGX)
  Description: Microsoft CAPICOM Protection (MS07-028)
     
CPAI-2007-063
  Date:
  Update Number: 541070510 (VPN-1 NG R55)
550070510 (VPN-1 NG R55W)
591070510 (VPN-1 NGX R60)
602070510 (VPN-1 NGX R61/R62/R65)
591070510 (VPN-1 VSX NGX)
547070510 (InterSpect 1.x and 2.0)
592070510 (InterSpect NGX)
  Description: Sun Java GIF Image Protection
     
CPAI-2007-062
  Date:
  Update Number: 541070510 (VPN-1 NG R55)
550070510 (VPN-1 NG R55W)
591070510 (VPN-1 NGX R60)
602070510 (VPN-1 NGX R61/R62/R65)
591070510 (VPN-1 VSX NGX)
547070510 (InterSpect 1.x and 2.0)
592070510 (InterSpect NGX)
  Description: Multiple McAfee ePolicy Orchestrator SiteManager Protections
     
CPAI-2007-061
  Date:
  Update Number: 541070510 (VPN-1 NG R55)
550070510 (VPN-1 NG R55W)
591070510 (VPN-1 NGX R60)
602070510 (VPN-1 NGX R61/R62/R65)
591070510 (VPN-1 VSX NGX)
547070510 (InterSpect 1.x and 2.0)
592070510 (InterSpect NGX)
  Description: Multiple Symantec SupportSoft ActiveX Control Protections
     
CPAI-2007-060
  Date:
  Update Number: 541070510 (VPN-1 NG R55)
550070510 (VPN-1 NG R55W)
591070510 (VPN-1 NGX R60)
602070510 (VPN-1 NGX R61/R62/R65)
591070510 (VPN-1 VSX NGX)
547070510 (InterSpect 1.x and 2.0)
592070510 (InterSpect NGX)
  Description: Mercury Mail Transport System Data Protection
     
CPAI-2007-059
  Date:
  Update Number: 541070510 (VPN-1 NG R55)
550070510 (VPN-1 NG R55W)
591070510 (VPN-1 NGX R60)
602070510 (VPN-1 NGX R61/R62/R65)
591070510 (VPN-1 VSX NGX)
547070510 (InterSpect 1.x and 2.0)
592070510 (InterSpect NGX)
  Description: Apple Mac OS X GIF Image Protection
     
CPAI-2007-058
  Date:
  Update Number: 692070507 (Connectra NGX R61/R62)
691070507 (Connectra NGX R60)
690070507 (Connectra 2.0)
  Description: Integrity Clientless Security (ICS) Update 3.7.154.0
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065