Microsoft Internet Explorer HTML Object Memory Corruption Vulnerability
A memory corruption vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability will cause the browser to crash and may allow the execution of arbitrary commands. Check Point protection for enterprises is available for through its integrated IPS products, IPS Software Blade, and SmartDefense and for endpoints through the WebCheck feature of its Endpoint Security product. More information.
Microsoft Windows 7 SMB DoS
(CVE-2009-3676, MS 977544)
A denial of service vulnerability has been discovered in the way that the Microsoft Server Message Block (SMB) protocol. This vulnerability affects Windows Server 2008 and is also the first zero-day bug announced for Windows 7. Check Point provides immediate protection for this vulnerability through its IPS products, IPS Software Blade, SmartDefense, and IPS-1. More information.
Novell eDirectory Vulnerability
(Bugtraq ID: 37042)
A code execution vulnerability exists in Novell eDirectory. According to IDC, eDirectory is the most widely used directory on the market, used in 80 percent of Fortune 1000 companies. Successful exploitation would allow for execution of arbitrary code. Check Point provides protection against exploits that use this vulnerability through IPS-1. More information.
December 8, 2009
IN THIS ADVISORY:
- Microsoft Internet Explorer HTML Object Memory Corruption Vulnerability
- Microsoft Windows 7 SMB DoS
- Novell eDirectory Vulnerability
- Exporting Protections List
Best Practice: Exporting Protections List
To enable administrators to analyze protections in alternative applications, you can export the Protections list as Comma Separated Value (CSV) file. The exported information includes all protections, with all table fields regardless of any applied sorting or filtering you performed on the table.
To export the protections list:
- In the Protections page, click View > Export View.
- In the Save As dialog box, provide a filename and click Save.
|» Highlighted Protections
This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
More Updates >
|Have SmartDefense feature questions?
Participate in the SmartDefense User Forum. The SmartDefense Forum is your space for asking questions regarding all SmartDefense features, and to collaborate with other SmartDefense users, worldwide, on SmartDefense-related issues. Check Point employees may monitor the forum and provide information on the issues posted.
|Know someone who should be getting the Advisories?
» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information to its R65 products through SmartDefense Services, and to Check Point R70 products through an update service included with the relevant Software Blade subscriptions. These updates increase the value of your Check Point products and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. These defenses are developed and distributed by Check Point’s global Research and Response Centers. For more information, visit www.CheckPoint.com
|You have received this notification because either you have a User Center account or you have subscribed to the Check Point Security Advisory. If you would prefer to no longer receive security alerts and defense notifications please click the Unsubscribe link below.
©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065