SDS Banner

SmartDefense Services Bulletin
April 2008

Greetings! This bulletin features Check Point SmartDefense Services highlights for the month of . Please feel free to email us if you have any comments or questions.

To sign-up to the mailing list, send an email to listserv@amadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. If you'd like to unsubscribe from this bulletin, send an email to listserv@amadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" in the email body.

 
In This Bulletin

About SmartDefense Services
What's New
Advisories
Defense Updates

About SmartDefense Services

Check Point SmartDefense Services maintain the most current preemptive security for your Check Point security infrastructure. To help your defenses stay continuously ahead of today’s constantly evolving threat landscape, SmartDefense Services provide:

  • Preemptive, ongoing, and real-time updates to defenses and security policies
  • Ongoing new protocol and application defenses against emerging threats and attacks
  • Step-by-step instructions on how to activate and configure defenses against emerging threats and vulnerabilities – usually before exploits are created by hackers
  • Messaging Security updates (providing comprehensive protection for email infrastructures) for UTM-1 Total Security appliances and VPN-1 UTM Total Security software licenses
  • Anti-virus updates and alerts for Check Point VPN-1 UTM
  • Anti-spyware updates for Check Point Endpoint Security 
  • Malicious applications database for automating network access and malware termination policies (Program Advisor Service for Check Point Endpoint Security)
What's New

Messaging Security -- Protect your Email Infrastructure

Messaging Security from Check Point provides comprehensive protection for an organization's messaging infrastructure. The multi-dimensional approach protects the email infrastructure, provides highly accurate spam protection, defends organizations from a wide variety of virus and malware threats within email. Messaging Security is available as part of Check Point UTM-1 Total Security offerings, including UTM-1 Total Security appliances and VPN-1 UTM Total Security software licenses. Click here for more information (http://www.checkpoint.com/defense/advisories/public/messaging/index.html).

Advisories (Sorted by Severity, then Date)
CPAI-2008-044
  Date:
  Severity:
  Description: Update Protection against Microsoft Excel Style Record Vulnerability (MS08-014)
  Sources: Microsoft Security Bulletin MS08-014
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
2007 Microsoft Office System
Microsoft Office Excel Viewer 2003
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
     
CPAI-2008-043
  Date:
  Severity:
  Description: Update Protection against Microsoft Excel Rich Text Validation Vulnerability (MS08-014)
  Sources: Microsoft Security Bulletin MS08-014
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
2007 Microsoft Office System
Microsoft Office Excel Viewer 2003
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
     
CPAI-2008-042
  Date:
  Severity:
  Description: Update Protection against Microsoft Excel Formula Parsing Vulnerability (MS08-014)
  Sources: Microsoft Security Bulletin MS08-014
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
2007 Microsoft Office System
Microsoft Office Excel Viewer 2003
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
     
CPAI-2008-041
  Date:
  Severity:
  Description: Update Protection against Microsoft Excel Conditional Formatting Vulnerability (MS08-014)
  Sources: Microsoft Security Bulletin MS08-014
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
2007 Microsoft Office System
Microsoft Office Excel Viewer 2003
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
     
CPAI-2008-039
  Date:
  Severity:
  Description: Update Protection against Microsoft Office PowerPoint Memory Corruption Vulnerability (MS08-016)
  Sources: Microsoft Security Bulletin MS08-016
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2003 SP3
Microsoft Office 2004 for Mac
     
CPAI-2008-038
  Date:
  Severity:
  Description: Update Protection against Microsoft Office Cell Parsing Memory Corruption Vulnerability (MS08-016)
  Sources: Microsoft Security Bulletin MS08-016
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
Microsoft Office Excel Viewer 2003
Microsoft Office Excel Viewer 2003 SP3
Microsoft Office 2004 for Mac
     
CPAI-2008-037
  Date:
  Severity:
  Description: Update Protection against Microsoft Excel Data Validation Record Vulnerability (MS08-014)
  Sources: Microsoft Security Bulletin MS08-014
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
2007 Microsoft Office System
Microsoft Office Excel Viewer 2003
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
     
CPAI-2008-036
  Date:
  Severity:
  Description: Update Protection against Microsoft Outlook Crafted URI Remote Code Execution Vulnerability (MS08-015)
  Sources: Microsoft Security Bulletin MS08-015
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP3
2007 Microsoft Office System
     
CPAI-2008-035
  Date:
  Severity:
  Description: Update Protection against Microsoft Office Web Components Remote Code Execution Vulnerability (MS08-017)
  Sources: Microsoft Security Bulletin MS08-017
  Vulnerable Systems: Microsoft Office 2000 SP3
Microsoft Office XP SP3
Visual Studio .NET 2002 Enterprise Architect/Developer SP1 
Visual Studio .NET 2003 Enterprise Architect/Developer
Visual Studio .NET 2003 Enterprise Architect/Developer SP1
Microsoft BizTalk Server 2002
Microsoft Commerce Server 2000
Internet Security and Acceleration Server 2000 Enterprise/Standard Edition SP2
     
CPAI-2008-045
  Date:
  Severity:
  Description: Update Protections against Recent Malware Threats (26-Mar-08)
  Sources: http://www.2squared.com/glossary_details.php?ID=133895
http://spywaresignatures.com/details.php?spyware=kword.interkey
http://spywaresignatures.com/details.php?spyware=eclickztoolbar
http://www.paretologic.com/resources/definitions.aspx?remove=Locmag%20Toolbar
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-040
  Date:
  Severity:
  Description: Preemptive Protection against Microsoft Excel Macro Validation Remote Code Execution Vulnerability (MS08-014)
  Sources: Microsoft Security Bulletin MS08-014
  Vulnerable Systems: Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003 prior to SP3
Microsoft Excel 2004 for Mac
Microsoft Excel Viewer 2003
Microsoft Office 2000
Microsoft Office 2003 prior to SP3
Microsoft Office XP
     
CPAI-2008-033
  Date:
  Severity:
  Description: Update Protections against Recent Malware Threats (2-Mar-08)
  Sources: http://www.spywareremove.com/removeHDTBar.html
http://www.fbmsoftware.com/spyware-net/application/Dealio_Toolbar/
http://www.spywareremove.com/removeEZTracks.html
http://www.spywareguide.com/product_show.php?id=3367
http://www.spywareremove.com/removeBaiduBar.html
http://www.emsisoft.com/en/malware/?Adware.Win32.Softomate.ag
http://research.sunbelt-software.com/threatdisplay.aspx?name=PeoplePal%20Toolbar&threatid=48411
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-047
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.217.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-046
  Date:
  Severity:
  Description: Preemptive Protection against Alt-N MDaemon IMAP Server FETCH Command Buffer Overflow Vulnerability
  Sources: Secunia Advisory: SA29382
  Vulnerable Systems: Alt-N Technologies MDaemon 9.6.4
     
CPAI-2008-028
  Date:
  Severity:
  Description: Integrity Clientless Security (ICS) Update 3.7.214.0
  Sources: SmartDefense Research Center
  Vulnerable Systems: Microsoft Windows clients
     
CPAI-2008-208
  Date:
  Severity:
  Description: IPS-1 Protocol and Protocol Subsystems Configuration Changes
  Sources: SmartDefense Research Center
  Vulnerable Systems: No new vulnerabilities have been detected, but IPS-1 users should make sure that all the Sensors on their network are updated with this most recent release.
     
CPAI-2008-207
  Date:
  Severity:
  Description: IPS-1 Protection Updates for yardradius and Cisco IOS Vulnerabilities and IPS-1 Protocol and Protocol Subsystems Updates
  Sources: DEBIAN:DSA-598
CISCO:20050629 RADIUS Authentication Bypass
  Vulnerable Systems: yardradius 1.0.20
Cisco IOS 12.2T through 12.4
     
Defense Updates
CPAI-2008-047
  Date:
  Update Number: 692080326 (Connectra NGX R61/R62)
691080326 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.217.0
     
CPAI-2008-045
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
602080325 (VPN-1 NGX R61/R62/R65)
602080325 (VPN-1 VSX NGX)
592080325 (InterSpect NGX)
602080325 (VPN-1 VSX NGX R65)
  Description: Protections against Recent Malware Threats (26-Mar-08)
     
CPAI-2008-044
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Microsoft Excel Style Record Protection (MS08-014)
     
CPAI-2008-043
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: 591080325 Microsoft Excel Rich Text Validation Protection (MS08-014)
     
CPAI-2008-042
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Microsoft Excel Formula Parsing Protection (MS08-014)
     
CPAI-2008-041
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Microsoft Excel Conditional Formatting Protection (MS08-014)
     
CPAI-2008-039
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Microsoft Office PowerPoint Memory Corruption Protection (MS08-016)
     
CPAI-2008-038
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Microsoft Office Cell Parsing Memory Corruption Protection (MS08-016)
     
CPAI-2008-037
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Microsoft Excel Data Validation Record Protection (MS08-014)
     
CPAI-2008-036
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
592080325 (InterSpect NGX)
  Description: Microsoft Outlook Crafted URI Code Execution Protection (MS08-015)
     
CPAI-2008-035
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
592080325 (InterSpect NGX)
  Description: Microsoft Office Web Components Code Execution Protection (MS08-017)
     
CPAI-2008-044
  Date:
  Update Number: 602080317 (VPN-1 NGX R61/R62/R65)
602080317 (VPN-1 VSX NGX R65)
  Description: Microsoft Excel Style Record Protection (MS08-014)
     
CPAI-2008-043
  Date:
  Update Number: 602080317 (VPN-1 NGX R61/R62/R65)
602080317 (VPN-1 VSX NGX R65)
  Description: Microsoft Excel Rich Text Validation Protection (MS08-014)
     
CPAI-2008-028
  Date:
  Update Number: 692080312 (Connectra NGX R61/R62)
691080312 (Connectra NGX R60)
  Description: Integrity Clientless Security (ICS) Update 3.7.214.0
     
CPAI-2008-042
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Excel Formula Parsing Protection (MS08-014)
     
CPAI-2008-041
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Excel Conditional Formatting Protection (MS08-014)
     
CPAI-2008-039
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Office PowerPoint Memory Corruption Protection (MS08-016)
     
CPAI-2008-038
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Office Cell Parsing Memory Corruption Protection (MS08-016)
     
CPAI-2008-037
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Excel Data Validation Record Protection (MS08-014)
     
CPAI-2008-036
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Outlook Crafted URI Code Execution Protection (MS08-015)
     
CPAI-2008-035
  Date:
  Update Number: 602080310 (VPN-1 NGX R61/R62/R65)
602080310 (VPN-1 VSX NGX R65)
  Description: Microsoft Office Web Components Code Execution Protection (MS08-017)
     
CPAI-2008-208
  Date:
  Update Number: 506080306 (IPS-1)
  Description: IPS-1 Protocol and Protocol Subsystems Configuration Changes
     
CPAI-2008-033
  Date:
  Update Number: 541080302 (VPN-1 NG R54/R55)
591080302 (VPN-1 NGX R60)
602080302 (VPN-1 NGX R61/R62/R65)
602080302 (VPN-1 VSX NGX)
592080302 (InterSpect NGX)
602080302 (VPN-1 VSX NGX R65)
692080302 (Connectra NGX R61/R62)
  Description: Protections against Recent Malware Threats (2-Mar-08)
     
SBP-2008-04
  Date:
  Update Number: 591080325 (VPN-1 NGX R60)
  Description: Multiple Microsoft Symbolic Link Files Protections (MS08-014)
     
SBP-2008-04
  Date:
  Update Number: 602080302 (VPN-1 NGX R61/R62/R65)
602080302 (VPN-1 VSX NGX R65)
  Description: Multiple Microsoft Symbolic Link Files Protections (MS08-014)
     
SBP-2008-02
  Date:
  Update Number: 591080302 (VPN-1 NGX R60)
602080302 (VPN-1 NGX R61/R62/R65)
592080302 (InterSpect NGX)
602080302 (VPN-1 VSX NGX R65)
  Description: Multiple PDF Containing Embedded JavaScript Protections
     
SDS Footer

You received this email because our records indicate that you wish to be contacted about SmartDefense Updates, Advisories, product news, and security information. If you do not want to receive further mailings, unsubscribe by sending a message with "SIGNOFF SMARTDEFENSE-NEWS" command to LISTSERV@AMADEUS.US.CHECKPOINT.COM in the first line (not the subject).

Copyright 2003-2008 Check Point Software Technologies LTD (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065