September 2007 SmartDefense Services Bulletin

SmartDefense Services Bulletin

September 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

Preemptive, ongoing, and real-time updates to defenses and security policies
Ongoing new protocol and application defenses against emerging threats and attacks
Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
Anti-virus updates and alerts for Check Point VPN-1 UTM
Anti-spyware updates for Check Point Integrity Anti-Spyware
Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)

Advisories (Sorted by Severity, then Date)


CPAI-2007-103
	Date:
	Severity:
	Description:	Preemptive Protection against Mercury Mail Transport System SMTP AUTH CRAM-MD5 Buffer Overflow Vulnerability
	Sources:	FrSIRT/ADV-2007-2918
	Vulnerable Systems:	Mercury Mail Transport System version 4.51 and prior

CPAI-2007-100
	Date:
	Severity:
	Description:	Update Protection against Microsoft Internet Explorer ActiveX Object Memory Corruption Vulnerability (MS07-045)
	Sources:	Microsoft Security Bulletin MS07-045
	Vulnerable Systems:	Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003

CPAI-2007-099
	Date:
	Severity:
	Description:	Update Protection against Microsoft Internet Explorer ActiveX Object IObjectsafety Implementation Vulnerability (MS07-045)
	Sources:	Microsoft Security Bulletin MS07-045
	Vulnerable Systems:	Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003

CPAI-2007-091
	Date:
	Severity:
	Description:	Update Protection against Sun Microsystems Java System Web Proxy sockd Daemon Buffer Overflow Vulnerability
	Sources:	FrSIRT/ADV-2007-1957
	Vulnerable Systems:	Sun Microsystems Java System Web Proxy Server prior to 4.0.5

CPAI-2007-096
	Date:
	Severity:
	Description:	Preemptive Protection against ISC BIND Cache Poisoning Vulnerability
	Sources:	Secunia Advisory: SA26152
	Vulnerable Systems:	Internet Systems Consortium (ISC) BIND 9.0.x Internet Systems Consortium (ISC) BIND 9.1.x Internet Systems Consortium (ISC) BIND 9.2.0 to 9.2.8 Internet Systems Consortium (ISC) BIND 9.3.0 to 9.3.4 Internet Systems Consortium (ISC) BIND 9.4.0 to 9.4.1 Internet Systems Consortium (ISC) BIND 9.5.0a1 to 9.5.0a5

CPAI-2007-086
	Date:
	Severity:
	Description:	Update Protection against Multiple Microsoft Windows Active Directory Crafted LDAP Request Vulnerabilities (MS07-039)
	Sources:	Microsoft Security Bulletin MS07-039
	Vulnerable Systems:	Microsoft Windows 2000 Server SP4 Windows Server 2003 SP 1 and Windows Server 2003 SP2 Windows Server 2003 x64 Edition Windows Server 2003 x64 Edition SP2 Windows Server 2003 with SP1 (Itanium) Windows Server 2003 with SP2 (Itanium)

CPAI-2007-085
	Date:
	Severity:
	Description:	Update Protection against Microsoft Excel Remote Code Execution Vulnerability (MS07-036)
	Sources:	Microsoft Security Bulletin MS07-036
	Vulnerable Systems:	Microsoft Excel 2000 SP3 Microsoft Excel 2002 SP3 Microsoft Excel 2003 SP2 Microsoft Excel 2003 Viewer Microsoft Office Excel 2007 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats

CPAI-2007-201
	Date:
	Severity:
	Description:	IPS-1 Protection Update for WWW2 (Version 27)
	Sources:	US-CERT Vulnerability Note VU#739224
	Vulnerable Systems:	All IPS-1 products with versions of WWW2 prior to version 27

CPAI-2007-101
	Date:
	Severity:
	Description:	Update Protection against Microsoft Excel Workspace Memory Corruption Vulnerability (MS07-044)
	Sources:	Microsoft Security Bulletin MS07-044
	Vulnerable Systems:	Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2004 for Mac Microsoft Excel Viewer 2003 Microsoft Office 2000 Microsoft Office XP Microsoft Office 2003 Microsoft Office 2004 for Mac

CPAI-2007-098
	Date:
	Severity:
	Description:	Update Protection against Trend Micro ServerProtect CreateBinding DCE-RPC Buffer Overflow Vulnerability
	Sources:	Secunia Advisory: SA25186
	Vulnerable Systems:	Trend Micro ServerProtect for Windows 5.58

CPAI-2007-097
	Date:
	Severity:
	Description:	Update Protection against Trend Micro ServerProtect EarthAgent DCE-RPC Buffer Overflow Vulnerability
	Sources:	Secunia Advisory: SA25186
	Vulnerable Systems:	Trend Micro ServerProtect 5.58

CPAI-2007-093
	Date:
	Severity:
	Description:	Update Protection against Provideo ISSCamControl Module ActiveX Control Buffer Overflow Vulnerability
	Sources:	Secunia Advisory: SA25479
	Vulnerable Systems:	Provideo ISSCamControl ActiveX version 1.0.1.5

CPAI-2007-092
	Date:
	Severity:
	Description:	Update Protection against WinZip FileView ActiveX Controls Buffer Overflow Vulnerability
	Sources:	Secunia Advisory: SA22891
	Vulnerable Systems:	WinZip 10.0 Build 6667

CPAI-2007-104
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.172.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2007-095
	Date:
	Severity:
	Description:	Integrity Clientless Security (ICS) Update 3.7.170.0
	Sources:	SmartDefense Research Center
	Vulnerable Systems:	Microsoft Windows clients

CPAI-2007-087
	Date:
	Severity:
	Description:	Update Protection against Microsoft Office Publisher 2007 Remote Code Execution Vulnerability (MS07-037)
	Sources:	Microsoft Security Bulletin MS07-037
	Vulnerable Systems:	Microsoft Office Publisher 2007

CPAI-2007-202
	Date:
	Severity:
	Description:	IPS-1 Protection Update for SNMP (Version 21)
	Sources:
	Vulnerable Systems:	All IPS-1 customers should apply this signature update.

Defense Updates


CPAI-2007-104
	Date:
	Update Number:	692070828 (Connectra NGX R61/R62) 691070828 (Connectra NGX R60)
	Description:	Integrity Clientless Security (ICS) Update 3.7.172.0


CPAI-2007-102
	Date:
	Update Number:	541070828 (VPN-1 NG R55 Only) 591070828 (VPN-1 NGX R60) 602070828 (VPN-1 NGX R61/R62/R65) 591070828 (VPN-1 VSX NGX) 547070828 (InterSpect 1.x and 2.0) 592070828 (InterSpect NGX)
	Description:	Microsoft Windows Media Player Skin Parsing Protection (MS07-047)


CPAI-2007-101
	Date:
	Update Number:	541070828 (VPN-1 NG R55 Only) 591070828 (VPN-1 NGX R60) 602070828 (VPN-1 NGX R61/R62/R65) 591070828 (VPN-1 VSX NGX) 547070828 (InterSpect 1.x and 2.0) 592070828 (InterSpect NGX)
	Description:	Microsoft Excel Workspace Memory Corruption Protection (MS07-044)


CPAI-2007-100
	Date:
	Update Number:	541070828 (VPN-1 NG R55 Only) 591070828 (VPN-1 NGX R60) 602070828 (VPN-1 NGX R61/R62/R65) 591070828 (VPN-1 VSX NGX) 547070828 (InterSpect 1.x and 2.0) 592070828 (InterSpect NGX)
	Description:	Microsoft Internet Explorer Memory Corruption Protection (MS07-045)


CPAI-2007-099
	Date:
	Update Number:	541070828 (VPN-1 NG R55 Only) 591070828 (VPN-1 NGX R60) 602070828 (VPN-1 NGX R61/R62/R65) 591070828 (VPN-1 VSX NGX) 547070828 (InterSpect 1.x and 2.0) 592070828 (InterSpect NGX)
	Description:	Microsoft Internet Explorer IObjectsafety Protection (MS07-045)


CPAI-2007-098
	Date:
	Update Number:	541070821 (VPN-1 NG R55 Only) 591070821 (VPN-1 NGX R60) 602070821 (VPN-1 NGX R61/R62/R65) 591070821 (VPN-1 VSX NGX) 547070821 (InterSpect 1.x and 2.0) 592070821 (InterSpect NGX) 692070821 (Connectra NGX R61/R62)
	Description:	Trend Micro ServerProtect CreateBinding Protection


CPAI-2007-097
	Date:
	Update Number:	541070821 (VPN-1 NG R55 Only) 591070821 (VPN-1 NGX R60) 602070821 (VPN-1 NGX R61/R62/R65) 591070821 (VPN-1 VSX NGX) 547070821 (InterSpect 1.x and 2.0) 592070821 (InterSpect NGX) 692070821 (Connectra NGX R61/R62)
	Description:	Trend Micro ServerProtect EarthAgent Protection


CPAI-2007-093
	Date:
	Update Number:	541070821 (VPN-1 NG R55 Only) 591070821 (VPN-1 NGX R60) 602070821 (VPN-1 NGX R61/R62/R65) 591070821 (VPN-1 VSX NGX) 547070821 (InterSpect 1.x and 2.0) 592070821 (InterSpect NGX)
	Description:	Provideo ISSCamControl Module Protection


CPAI-2007-092
	Date:
	Update Number:	541070821 (VPN-1 NG R55 Only) 591070821 (VPN-1 NGX R60) 602070821 (VPN-1 NGX R61/R62/R65) 591070821 (VPN-1 VSX NGX) 547070821 (InterSpect 1.x and 2.0) 592070821 (InterSpect NGX)
	Description:	WinZip FileView ActiveX Controls Protection


CPAI-2007-091
	Date:
	Update Number:	591070821 (VPN-1 NGX R60) 602070821 (VPN-1 NGX R61/R62/R65) 547070821 (InterSpect 1.x and 2.0) 592070821 (InterSpect NGX)
	Description:	Sun Microsystems Java System Web Proxy Protection


CPAI-2007-095
	Date:
	Update Number:	692070815 (Connectra NGX R61/R62) 691070815 (Connectra NGX R60)
	Description:	Integrity Clientless Security (ICS) Update 3.7.170.0


CPAI-2007-087
	Date:
	Update Number:	541070805 (VPN-1 NG R55 Only) 550070805 (VPN-1 NG R55W) 591070805 (VPN-1 NGX R60) 602070805 (VPN-1 NGX R61/R62/R65) 591070805 (VPN-1 VSX NGX) 547070805 (InterSpect 1.x and 2.0) 592070805 (InterSpect NGX)
	Description:	Microsoft Office Publisher Remote Code Execution Protection (MS07-037)


CPAI-2007-086
	Date:
	Update Number:	541070805 (VPN-1 NG R55 Only) 550070805 (VPN-1 NG R55W) 591070805 (VPN-1 NGX R60) 602070805 (VPN-1 NGX R61/R62/R65) 591070805 (VPN-1 VSX NGX) 547070805 (InterSpect 1.x and 2.0) 592070805 (InterSpect NGX) 692070805 (Connectra NGX R61/R62)
	Description:	Microsoft Windows Active Directory LDAP Protections (MS07-039)


CPAI-2007-085
	Date:
	Update Number:	541070805 (VPN-1 NG R55 Only) 550070805 (VPN-1 NG R55W) 591070805 (VPN-1 NGX R60) 602070805 (VPN-1 NGX R61/R62/R65) 591070805 (VPN-1 VSX NGX) 547070805 (InterSpect 1.x and 2.0) 592070805 (InterSpect NGX)
	Description:	Microsoft Excel Remote Code Execution Protection (MS07-036)

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).