November 2007 SmartDefense Services Bulletin

SmartDefense Services Bulletin

November 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

Preemptive, ongoing, and real-time updates to defenses and security policies
Ongoing new protocol and application defenses against emerging threats and attacks
Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
Anti-virus updates and alerts for Check Point VPN-1 UTM
Anti-spyware updates for Check Point Integrity Anti-Spyware
Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)

Advisories (Sorted by Severity, then Date)


CPAI-2007-123
	Date:
	Severity:
	Description:	Update Protection against Microsoft Word Malformed String Memory Corruption Vulnerability (MS07-060)
	Sources:	Microsoft Security Bulletin MS07-060
	Vulnerable Systems:	Microsoft Word 2000 Microsoft Word 2002 Microsoft Word 2004 for Mac

CPAI-2007-121
	Date:
	Severity:
	Description:	Update Protection against Microsoft Windows Kodak Image Viewer Code Execution Vulnerability (MS07-055)
	Sources:	Microsoft Security Bulletin MS07-055
	Vulnerable Systems:	Microsoft Windows 2000 Server SP4 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 SP2

CPAI-2007-114
	Date:
	Severity:
	Description:	Update Protection against Microsoft SQL Server Distributed Management Objects Buffer Overflow Vulnerability
	Sources:	Security Focus - ID: 25594
	Vulnerable Systems:	Microsoft SQL Server 2005 SP2

CPAI-2007-113
	Date:
	Severity:
	Description:	Update Protection against Symantec Products ActiveX Control Code Execution Vulnerabilities
	Sources:	FrSIRT/ADV-2007-2822
	Vulnerable Systems:	Symantec Norton Antivirus 2006 Symantec Norton Internet Security 2006 Symantec Norton Internet Security Anti Spyware Edition 2005 Symantec Norton System Works 2006

CPAI-2007-125
	Date:
	Severity:
	Description:	Preemptive Protection against IBM Lotus Domino IMAP Server Buffer Overflow Vulnerability
	Sources:	Secunia Advisory: SA27321
	Vulnerable Systems:	IBM Lotus Domino 6.x prior to 6.5.6 Fix Pack 2 IBM Lotus Domino 7.x prior to 7.0.3

CPAI-2007-124
	Date:
	Severity:
	Description:	Update Protection against Microsoft Windows RPC NTLMSSP Authentication Denial of Service Vulnerability (MS07-058)
	Sources:	Microsoft Security Bulletin MS07-058
	Vulnerable Systems:	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003

CPAI-2007-122
	Date:
	Severity:
	Description:	Update Protection against Microsoft Visual Studio PDWizard.ocx ActiveX Control Code Execution Vulnerability
	Sources:	Secunia Advisory: SA26779
	Vulnerable Systems:	Microsoft Visual Basic 6.0 Microsoft Visual Studio 6.0

CPAI-2007-204
	Date:
	Severity:
	Description:	IPS-1 Protection for Outlook NNTP Vulnerability (CVE-2007-3897/MS07-056)
	Sources:	iDefense Advisory
	Vulnerable Systems:	Outlook Express 5.5 SP2/Outlook Express 6 SP1 under Windows 2000 SP4 Outlook Express 6 under Windows XP, Windows XP Pro, Windows 2003 SP1-SP2 Windows Mail under Vista and Vista x64 Edition

CPAI-2007-119
	Date:
	Severity:
	Description:	Preemptive Protection against Microsoft SharePoint Server Cross-Site Scripting Vulnerability (MS07-059)
	Sources:	Microsoft Security Bulletin MS07-059
	Vulnerable Systems:	Microsoft Windows SharePoint Services 3.0 Microsoft Office SharePoint Server 2007

CPAI-2007-117
	Date:
	Severity:
	Description:	Update Protection against CA eTrust Intrusion Detection CallCode (caller.dll) ActiveX Control Code Execution Vulnerability
	Sources:	Secunia Advisory: SA26134
	Vulnerable Systems:	CA eTrust Intrusion Detection version 3.0 CA eTrust Intrusion Detection version 3.0 SP1

CPAI-2007-116
	Date:
	Severity:
	Description:	Update Protection against IBM and Lenovo Access Support ActiveX Control Code Execution Vulnerabilities
	Sources:	FrSIRT/ADV-2007-2882
	Vulnerable Systems:	IBM "acpcontroller.dll" ActiveX Control versions prior to 1.2.8.0 IBM "acpir.dll" ActiveX Control versions prior to 1.0.0.9

CPAI-2007-112
	Date:
	Severity:
	Description:	Update Protection against VMware Workstation ActiveX Control Command Execution Vulnerability
	Sources:	Security Focus - ID: 25118
	Vulnerable Systems:	VMware Workstation 6.0

CPAI-2007-111
	Date:
	Severity:
	Description:	Update Protection against Ipswitch IMail Server IMAP SEARCH Command Date String Stack Overflow Vulnerability
	Sources:	Secunia Advisory: SA26123
	Vulnerable Systems:	Ipswitch IMail 2006 prior to 2006.21 Ipswitch IMail Plus 2006 prior to 2006.21 Ipswitch IMail Premium 2006 prior to 2006.21

CPAI-2007-118
	Date:
	Severity:
	Description:	Preemptive Protection against EMC VMware Workstation DHCP Service Integer Underflow Vulnerability
	Sources:	Secunia Advisory: SA26890
	Vulnerable Systems:	EMC VMware ACE 1 prior to 1.0.4 EMC VMware ACE 2 prior to 2.0.1 EMC VMware Player 1 prior to 1.0.5 EMC VMware Player 2 prior to 2.0.1 EMC VMware Server 1 Prior to 1.0.4 EMC VMware Worstation 6 prior to 6.0.1 EMC VMware Worstation 5 prior to 5.5.5

CPAI-2007-120
	Date:
	Severity:
	Description:	Update Protection against OpenOffice TIFF File Parsing Integer Overflow Vulnerability
	Sources:	FrSIRT/ADV-2007-3184
	Vulnerable Systems:	OpenOffice.org OpenOffice Prior to 2.3.0

CPAI-2007-205
	Date:
	Severity:
	Description:	IPS-1 Protection Update for Various Enterprise Products (enterprisesoftware Version 1)
	Sources:	eEye Advisory iDefense Advisory
	Vulnerable Systems:	The following vendor advisories have been issued for these vulnerabilities: Computer Associates (CA BrightStor) CA Security Advisory 35673 CA Security Advisory 35675 CA Security Advisory 35676 Trend Micro ServerProtect: Trend Micro Security Advisory

CPAI-2007-115
	Date:
	Severity:
	Description:	Update Protection against Microsoft Visual Studio Crystal Reports RPT File Code Execution Vulnerability (MS07-052)
	Sources:	Microsoft Security Bulletin MS07-052
	Vulnerable Systems:	Visual Studio .NET 2002 SP1 Visual Studio .NET 2003 Visual Studio .NET 2003 SP1 Visual Studio 2005 Visual Studio 2005 SP1

Defense Updates


CPAI-2007-124
	Date:
	Update Number:	591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 592071028 (InterSpect NGX)
	Description:	Microsoft Windows RPC NTLMSSP Authentication Protection (MS07-058)


CPAI-2007-123
	Date:
	Update Number:	591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 592071028 (InterSpect NGX)
	Description:	Microsoft Word Malformed String Memory Corruption Protection (MS07-060)


CPAI-2007-122
	Date:
	Update Number:	541071028 (VPN-1 NG R55 Only) 591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 591071028 (VPN-1 VSX NGX) 592071028 (InterSpect NGX)
	Description:	Microsoft Visual Studio PDWizard.ocx Protection


CPAI-2007-121
	Date:
	Update Number:	591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 592071028 (InterSpect NGX)
	Description:	Microsoft Windows Kodak Image Viewer Protection (MS07-055)


CPAI-2007-120
	Date:
	Update Number:	591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 592071028 (InterSpect NGX)
	Description:	OpenOffice TIFF File Parsing Protection


SBP-2007-10
	Date:
	Update Number:	591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 592071028 (InterSpect NGX)
	Description:	Blocking QQ Instant Messenger


SBP-2007-09
	Date:
	Update Number:	591071028 (VPN-1 NGX R60) 602071028 (VPN-1 NGX R61/R62/R65) 592071028 (InterSpect NGX)
	Description:	New Feature for the Block FTP Brute Force Attacks Protection


CPAI-2007-117
	Date:
	Update Number:	591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX)
	Description:	CA eTrust Intrusion Detection (caller.dll) ActiveX Control Protection


CPAI-2007-116
	Date:
	Update Number:	541071009 (VPN-1 NG R55 Only) 591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX)
	Description:	IBM and Lenovo Access Support ActiveX Control Protections


CPAI-2007-115
	Date:
	Update Number:	541071009 (VPN-1 NG R55 Only) 591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX)
	Description:	Microsoft Visual Studio Crystal Reports RPT File Protection (MS07-052)


CPAI-2007-114
	Date:
	Update Number:	541071009 (VPN-1 NG R55 Only) 591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX)
	Description:	Microsoft SQL Server Distributed Management Objects Protection


CPAI-2007-113
	Date:
	Update Number:	541071009 (VPN-1 NG R55 Only) 591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX)
	Description:	Symantec Products ActiveX Control Protection


CPAI-2007-112
	Date:
	Update Number:	541071009 (VPN-1 NG R55 Only) 591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX)
	Description:	VMware Workstation ActiveX Control Protection


CPAI-2007-111
	Date:
	Update Number:	541071009 (VPN-1 NG R55 Only) 591071009 (VPN-1 NGX R60) 602071009 (VPN-1 NGX R61/R62/R65) 591071009 (VPN-1 VSX NGX) 592071009 (InterSpect NGX) 692070821 (Connectra NGX R61/R62)
	Description:	Ipswitch IMail Server IMAP SEARCH Command Date String Protection

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).