SDS Banner

SmartDefense Services Bulletin
December 2007

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Integrity Anti-Spyware 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Integrity)
Advisories (Sorted by Severity, then Date)
CPAI-2007-126
  Date:
  Severity:
  Description: Update Protection against MIT Kerberos kadmind RPC Library RPCSEC_GSS Authentication Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA26676
  Vulnerable Systems: MIT Kerberos krb5-1.4 to krb5-1.6.2
     
CPAI-2007-131
  Date:
  Severity:
  Description: Update Protection against Apple QuickTime PICT Image Stack Overflow Vulnerability
  Sources: Secunia Advisory: SA27523
  Vulnerable Systems: Apple Computer QuickTime prior to 7.3
     
CPAI-2007-130
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows ShellExecute and Internet Explorer 7 Code Execution Vulnerability
  Sources: Microsoft Security Advisory (943521)
  Vulnerable Systems: Microsoft Windows XP
Microsoft Windows Server 2003
     
CPAI-2007-133
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft Windows DNS Server Spoofing Vulnerability (MS07-062)
  Sources: Microsoft Security Bulletin MS07-062
  Vulnerable Systems: Microsoft Windows 2000 Server SP4
Windows Server 2003 SP1
Windows Server 2003 SP2
Windows Server 2003 x64 Edition
Windows Server 2003 x64 Edition SP2
Windows Server 2003 with SP1 (Itanium)
Windows Server 2003 with SP2 (Itanium)
     
CPAI-2007-128
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows MFC Library FileFind Class Heap Overflow Vulnerability
  Sources: Secunia Advisory: SA26800
  Vulnerable Systems: HP All-in-One Series Web Release
HP Photo & Imaging Gallery 1.1
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows 2003
Microsoft Visual Studio 2005
Microsoft Visual Studio 6.0
Microsoft Visual Studio .NET
     
CPAI-2007-127
  Date:
  Severity:
  Description: Update Protection against Sun Microsystems JRE Memory Exception Vulnerability
  Sources: SecurityFocus: 25734
  Vulnerable Systems: Sun Microsystems Java Web Start 1.6 and prior
Sun Microsystems Java Development Kit (JDK) 6 Update 2
Sun Microsystems Java Runtime Environment (JRE) 6 Update 2
     
CPAI-2007-102
  Date:
  Severity:
  Description: Update Protection against Microsoft Windows Media Player Skin Parsing Code Execution Vulnerability (MS07-047)
  Sources: Microsoft Security Bulletin MS07-047
  Vulnerable Systems: Microsoft Windows Media Player 7.1
Microsoft Windows Media Player 9
Microsoft Windows Media Player 10
Microsoft Windows Media Player 11
     
CPAI-2007-132
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.191.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2007-129
  Date:
  Severity:
  Description: Update Protections against Recent Malware Threats (7-Nov-07)
  Sources: http://www.spyany.com/program/article_ad_rm_NewDotNet.html
http://www.spywareguide.com/spydet_2839_trojan_media_codec.html
http://www.sophos.com/virusinfo/analyses/trojtrolla.html
  Vulnerable Systems: Microsoft Windows clients
     
Defense Updates
CPAI-2007-131
  Date:
  Update Number: 541071115 (VPN-1 NG R55 Only)
591071115 (VPN-1 NGX R60)
602071115 (VPN-1 NGX R61/R62/R65)
591071115 (VPN-1 VSX NGX)
592071115 (InterSpect NGX)
  Description: Apple QuickTime PICT Image Stack Overflow Protection
     
CPAI-2007-130
  Date:
  Update Number: 591071115 (VPN-1 NGX R60)
602071115 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Windows ShellExecute Protection
     
CPAI-2007-128
  Date:
  Update Number: 541071115 (VPN-1 NG R55 Only)
591071115 (VPN-1 VSX NGX)
  Description: Microsoft Windows MFC Library FileFind Class Heap Overflow Protection - R55 Only
     
CPAI-2007-127
  Date:
  Update Number: 541071115 (VPN-1 NG R55 Only)
591071115 (VPN-1 VSX NGX)
  Description: Sun Microsystems JRE Memory Exception Protection - R55 Only
     
CPAI-2007-132
  Date:
  Update Number: 692071112 (Connectra NGX R61/R62)
691071112 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.191.0
     
CPAI-2007-129
  Date:
  Update Number: 541071106 (VPN-1 NG R54/R55)
591071106 (VPN-1 NGX R60)
602071106 (VPN-1 NGX R61/R62/R65)
591071106 (VPN-1 VSX NGX)
592071106 (InterSpect NGX)
  Description: Protections against Recent Malware Threats (7-Nov-07)
     
CPAI-2007-128
  Date:
  Update Number: 591071106 (VPN-1 NGX R60)
602071106 (VPN-1 NGX R61/R62/R65)
592071106 (InterSpect NGX)
  Description: Microsoft Windows MFC Library FileFind Class Heap Overflow Protection
     
CPAI-2007-127
  Date:
  Update Number: 591071106 (VPN-1 NGX R60)
602071106 (VPN-1 NGX R61/R62/R65)
592071106 (InterSpect NGX)
  Description: Sun Microsystems JRE Memory Exception Protection
     
CPAI-2007-126
  Date:
  Update Number: 692071106 (Connectra NGX R61/R62)
541071106 (VPN-1 NG R55 Only)
591071106 (VPN-1 NGX R60)
602071106 (VPN-1 NGX R61/R62/R65)
591071106 (VPN-1 VSX NGX)
592071106 (InterSpect NGX)
  Description: MIT Kerberos kadmind RPC Library RPCSEC_GSS Authentication Protection
     
CPAI-2007-102
  Date:
  Update Number: 541071106 (VPN-1 NG R55 Only)
591071106 (VPN-1 NGX R60)
602071106 (VPN-1 NGX R61/R62/R65)
591071106 (VPN-1 VSX NGX)
592071106 (InterSpect NGX)
  Description: Microsoft Windows Media Player Skin Parsing Protection (MS07-047)
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065