SDS Banner

SmartDefense Services Bulletin
March 2008

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
What's New
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Messaging Security updates (providing comprehensive protection for email infrastructures) for UTM-1 Total Security appliances and VPN-1 UTM Total Security software licenses
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Endpoint Security
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Check Point Endpoint Security)
What's New

Messaging Security – Protect Your Email Infrastructure

Messaging Security from Check Point provides comprehensive protection for an organization's messaging infrastructure.  The multi-dimensional approach protects the email infrastructure, provides highly accurate spam protection, and defends organizations from a wide variety of virus and malware threats within email.  Messaging Security is available as part of Check Point UTM-1 Total Security offerings, including UTM-1 Total Security appliances and VPN-1 UTM Total Security software licenses.  Click here for more information. (http://www.checkpoint.com/defense/advisories/public/messaging/index.html.)

 

Advisories (Sorted by Severity, then Date)
CPAI-2008-205
  Date:
  Severity:
  Description: IPS-1 Updates against Adobe, Microsoft Windows, Microsoft DirectShow and OpenOffice.org Vulnerabilities
  Sources: FrSIRT/ADV-2007-1215
Secunia Advisory: SA28010
ISS X-Force Database: 34843
ISS X-Force Database: 35337
  Vulnerable Systems: Adobe Flash Player 9.0.45.0 and earlier
Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows Server 2003 Gold, SP1, and SP2
Microsoft Vista
Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0
OpenOffice.org (OOo) 2.2.1 and earlier
     
CPAI-2008-204
  Date:
  Severity:
  Description: Update IPS-1 with a Protection against Apple QuickTime and Apple QuickDraw Vulnerabilities
  Sources:
  Vulnerable Systems: Apple Quicktime 7.1.5 and other versions before 7.2
Apple Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier
Apple QuickTime before 7.3
     
CPAI-2008-027
  Date:
  Severity:
  Description: Update Protection against Microsoft Word Memory Corruption Vulnerability (MS08-009)
  Sources: Microsoft Security Bulletin MS08-009
  Vulnerable Systems: Microsoft Word 2000 SP3
Microsoft Word 2002 SP3
Microsoft Word 2003 SP2
Microsoft Office 2004 for Mac
     
CPAI-2008-025
  Date:
  Severity:
  Description: Update Protection against Microsoft Argument Handling Memory Corruption Vulnerability (MS08-010)
  Sources: Microsoft Security Bulletin MS08-010
  Vulnerable Systems: Internet Explorer 7
Internet Explorer 6 SP1
Internet Explorer 6
Internet Explorer 5.01 SP4
     
CPAI-2008-024
  Date:
  Severity:
  Description: Update Protection against Microsoft Property Memory Corruption Vulnerability (MS08-010)
  Sources: Microsoft Security Bulletin MS08-010
  Vulnerable Systems: Internet Explorer 7
Internet Explorer 6 SP1
Internet Explorer 6
Internet Explorer 5.01 SP4
     
CPAI-2008-023
  Date:
  Severity:
  Description: Update Protection against Microsoft HTML Rendering Memory Corruption Vulnerability (MS08-010)
  Sources: Microsoft Security Bulletin MS08-010
  Vulnerable Systems: Internet Explorer 7
Internet Explorer 6 SP1
Internet Explorer 6
Internet Explorer 5.01 SP4
     
CPAI-2008-022
  Date:
  Severity:
  Description: Update Protection against Microsoft Visual FoxPro ActiveX Object Memory Corruption Vulnerability (MS08-010)
  Sources: Microsoft Security Bulletin MS08-010
  Vulnerable Systems: Internet Explorer 7
Internet Explorer 6 SP1
Internet Explorer 6
Internet Explorer 5.01 SP4
     
CPAI-2008-021
  Date:
  Severity:
  Description: Update Protection against Microsoft WebDAV Mini-Redirector Remote Code Execution Vulnerability (MS08-007)
  Sources: Microsoft Security Bulletin MS08-007
  Vulnerable Systems: Windows XP SP2
Windows XP Professional x64 Edition
Windows XP Professional x64 Edition SP2
Windows Server 2003 SP1
Windows Server 2003 SP2
Windows Server 2003 x64 Edition
Windows 2003 Server x64 Edition SP2
Windows Server 2003 with SP1 (Itanium)
Windows Server 2003 with SP2 (Itanium)
Windows Vista
Windows Vista x64 Edition
     
CPAI-2008-020
  Date:
  Severity:
  Description: Update Protection against Microsoft OLE Automation Remote Code Execution Vulnerability (MS08-008)
  Sources: Microsoft Security Bulletin MS08-008
  Vulnerable Systems: Windows 2000 SP4
Windows XP SP2
Windows XP Professional x64 Edition
Windows XP Professional x64 Edition SP2
Windows Server 2003 SP1
Windows Server 2003 SP2
Windows Server 2003 x64 Edition
Windows Server 2003 x64 Edition SP2
Windows Server 2003 with SP1 (Itanium)
Windows Server 2003 with SP2 (Itanium)
Windows Vista
Windows Vista x64 Edition
Microsoft Office 2004 for Mac
Microsoft Visual Basic 6.0 SP6
     
CPAI-2008-032
  Date:
  Severity:
  Description: Preemptive Protection against Novell Client nwspool.dll EnumPrinters Function Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA28895
  Vulnerable Systems: Novell Client for Windows 4.91 SP2
Novell Client for Windows 4.91 SP3
Novell Client for Windows 4.91 SP4
     
CPAI-2008-031
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft Internet Information Services Cross-Site Scripting Vulnerability (MS08-006)
  Sources: Microsoft Security Bulletin MS08-006
  Vulnerable Systems: Microsoft Internet Information Services (IIS) 6.0
Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP2
     
CPAI-2008-030
  Date:
  Severity:
  Description: Update Protection against Microsoft LDAP Active Directory Denial of Service Vulnerability (MS08-003)
  Sources: Microsoft Security Bulletin MS08-003
  Vulnerable Systems: Active Directory on Microsoft Windows 2000 SP4
ADAM on Windows XP SP2
Active Directory on Windows Server 2003 SP1
Active Directory on Windows Server 2003 SP2
ADAM on Windows Server 2003 SP1
ADAM on Windows Server 2003 SP2
Active Directory on Windows Server 2003 x64 Edition SP1
Active Directory on Windows Server 2003 x64 Edition SP2
ADAM on Windows Server 2003 x64 Edition SP1
ADAM on Windows Server 2003 x64 Edition SP2
Active Directory on Windows Server 2003 with SP1 (Itanium)
Active Directory on Windows Server 2003 with SP2 (Itanium)
     
CPAI-2008-029
  Date:
  Severity:
  Description: Update Protection against Multiple Microsoft Works Remote Code Execution Vulnerabilities (MS08-011)
  Sources: Microsoft Security Bulletin MS08-011
  Vulnerable Systems: Microsoft Works 6 File Converter on Microsoft Office 2004
Microsoft Works 6 File Converter on Microsoft Works 8.1
Microsoft Works 6 File Converter on Microsoft Works Suite 2006
     
CPAI-2008-026
  Date:
  Severity:
  Description: Update Protection against Microsoft TCP/IP DHCP Denial Of Service Vulnerability (MS08-004)
  Sources: Microsoft Security Bulletin MS08-004
  Vulnerable Systems: Windows Vista
Windows Vista x64 Edition
     
CPAI-2008-018
  Date:
  Severity:
  Description: Update Protection against Microsoft Rich Textbox Control SaveFile File Overwrite Vulnerability
  Sources: ISS X-Force Databse: 39557
  Vulnerable Systems: Microsoft Visual Studio 6.0
     
CPAI-2008-017
  Date:
  Severity:
  Description: Update Protections against Recent Malware Threats (04-Feb-08)
  Sources: http://www.emsisoft.com/en/malware/?Adware.Win32.Direct.Toolbar
http://www.spywareguide.com/spydet_3578_search4top.html
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-011
  Date:
  Severity:
  Description: Update Protection against LinkedIn Internet Explorer Toolbar IEContextMenu ActiveX Control Code Execution Vulnerability
  Sources: Secunia Advisory: SA26181
  Vulnerable Systems: LinkedIn Internet Explorer Toolbar 3.0.2.1098
     
CPAI-2008-008
  Date:
  Severity:
  Description: Update Protection against Yahoo! Toolbar URL Shortcut ActiveX Control Buffer Overflow Vulnerability
  Sources: ISS X-Force Databse: 39155
  Vulnerable Systems: Yahoo! Yahoo! Toolbar 1.4.1 and prior
Yahoo! Widgets 4.5.1 and prior
Yahoo! Messenger 8.1.0.421 and prior
     
CPAI-2008-202
  Date:
  Severity:
  Description: IPS-1 Protection Updates for Vulnerabilities in Microsoft Windows and Asterisk and IPS-1 Protocol and Protocol Subsystems Updates
  Sources: Microsoft Security Bulletin MS06-032
VOIPSEC
  Vulnerable Systems: Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier
Asterisk before 1.2.17 and 1.4.x before 1.4.2
     
CPAI-2008-034
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.211.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-019
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.208.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-206
  Date:
  Severity:
  Description: IPS-1 TCP Protocol Updates
  Sources: SmartDefense Research Center
  Vulnerable Systems:
     
Defense Updates
CPAI-2008-207
  Date:
  Update Number: 506080229 (IPS-1)
  Description: Protection Updates for yradius and Cisco IOS Vulnerabilities and IPS-1 Protocol and Protocol Subsystem Updates
     
CPAI-2008-034
  Date:
  Update Number: 692080227 (Connectra NGX R61/R62)
691080227 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.211.0
     
CPAI-2008-030
  Date:
  Update Number: 591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
  Description: Microsoft LDAP Active Directory Denial of Service Protection (MS08-003)
     
CPAI-2008-029
  Date:
  Update Number: 591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
  Description: Microsoft Works Remote Code Execution Protections (MS08-011)
     
CPAI-2008-027
  Date:
  Update Number: 591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
  Description: Microsoft Word Memory Corruption Protection (MS08-009)
     
CPAI-2008-026
  Date:
  Update Number: 591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
  Description: Microsoft TCP/IP DHCP Denial of Service Protection (MS08-004)
     
CPAI-2008-025
  Date:
  Update Number: 541080221 (VPN-1 NG R55 only)
591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
  Description: Microsoft Argument Handling Memory Corruption Protection (MS08-010)
     
CPAI-2008-024
  Date:
  Update Number: 541080221 (VPN-1 NG R55 only)
591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
592080221 (InterSpect NGX)
  Description: Microsoft Property Memory Corruption Protection (MS08-010)
     
CPAI-2008-023
  Date:
  Update Number: 541080221 (VPN-1 NG R55 only)
591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
592080221 (InterSpect NGX)
  Description: Microsoft HTML Rendering Memory Corruption Protection (MS08-010)
     
CPAI-2008-022
  Date:
  Update Number: 541080221 (VPN-1 NG R55 only)
591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
592080221 (InterSpect NGX)
  Description: Microsoft Visual FoxPro ActiveX Object Memory Corruption Protection (MS08-010)
     
CPAI-2008-021
  Date:
  Update Number: 591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
592080221 (InterSpect NGX)
  Description: Microsoft WebDAV Mini-Redirector Remote Code Execution Protection (MS08-007)
     
CPAI-2008-020
  Date:
  Update Number: 541080221 (VPN-1 NG R55 only)
591080221 (VPN-1 NGX R60)
602080221 (VPN-1 VSX NGX)
592080221 (InterSpect NGX)
  Description: Microsoft OLE Automation Remote Code Execution Protection (MS08-008)
     
CPAI-2008-206
  Date:
  Update Number: 506080221 (IPS-1)
  Description: TCP Protocol Updates
     
CPAI-2008-205
  Date:
  Update Number: 506080221 (IPS-1)
  Description: Protection Updates for Adobe, Microsoft Windows, Microsoft DirectShow and OpenOffice.org Vulnerabilities
     
CPAI-2008-204
  Date:
  Update Number: 506080221 (IPS-1)
  Description: Protection Updates for Apple QuickTime and Apple QuickDraw Vulnerabilities CPAI-2008-204
     
CPA1-2008-203
  Date:
  Update Number: 506080221 (IPS-1)
  Description: AOL Instant Messenger Updates
     
CPAI-2008-030
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft LDAP Active Directory Denial of Service Protection (MS08-003)
     
CPAI-2008-029
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Works Remote Code Execution Protections (MS08-011)
     
CPAI-2008-027
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Word Memory Corruption Protection (MS08-009)
     
CPAI-2008-026
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft TCP/IP DHCP Denial of Service Protection (MS08-004)
     
CPAI-2008-025
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Argument Handling Memory Corruption Protection (MS08-010)
     
CPAI-2008-024
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Property Memory Corruption Protection (MS08-010)
     
CPAI-2008-023
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft HTML Rendering Memory Corruption Protection (MS08-010)
     
CPAI-2008-022
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft Visual FoxPro ActiveX Object Memory Corruption Protection (MS08-010)
     
CPAI-2008-021
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft WebDAV Mini-Redirector Remote Code Execution Protection (MS08-007)
     
CPAI-2008-020
  Date:
  Update Number: 602080212 (VPN-1 NGX R61/R62/R65)
  Description: Microsoft OLE Automation Remote Code Execution Protection (MS08-008)
     
CPAI-2008-019
  Date:
  Update Number: 692080206 (Connectra NGX R61/R62)
691080206 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.208.0
     
CPAI-2008-202
  Date:
  Update Number: 506080221 (IPS-1)
  Description: Proctection Updates for OpenBSD, Microsoft Windows, Samba, Microsoft Message Queuing (MSMQ) and HP OpenView Network Node Manager (OV NNM) and IPS-1 Protocol and Protocol Subsystem Updates
     
CPAI-2008-018
  Date:
  Update Number: 541080203 (VPN-1 NG R55 only)
591080203 (VPN-1 NGX R60)
602080203 (VPN-1 NGX R61/R62/R65)
602080203 (VPN-1 VSX NGX)
592080203 (InterSpect NGX)
  Description: Microsoft Rich Textbox Control SaveFile File Overwrite Protection
     
CPAI-2008-017
  Date:
  Update Number: 541080203 (VPN-1 NG R554/R55)
591080203 (VPN-1 NGX R60)
602080203 (VPN-1 NGX R61/R62/R65)
602080203 (VPN-1 VSX NGX)
592080203 (InterSpect NGX)
  Description: Protections against Recent Malware Threats (04-Feb-08)
     
CPAI-2008-011
  Date:
  Update Number: 541080203 (VPN-1 NG R55 only)
591080203 (VPN-1 NGX R60)
602080203 (VPN-1 NGX R61/R62/R65)
602080203 (VPN-1 VSX NGX)
592080203 (InterSpect NGX)
  Description: LinkedIn IE Toolbar ActiveX Control Code Execution Protection
     
CPAI-2008-008
  Date:
  Update Number: 541080203 (VPN-1 NG R55 only)
591080203 (VPN-1 NGX R60)
602080203 (VPN-1 NGX R61/R62/R65)
602080203 (VPN-1 VSX NGX)
592080203 (InterSpect NGX)
  Description: Yahoo! Toolbar URL Shortcut ActiveX Control Buffer Overflow Protection
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065