|»Hot SmartDefense Protections
Microsoft SQL Server Stored Procedure Buffer Overflow Vulnerability
This vulnerability is due to an error in the Microsoft SQL Server when calling the extended stored procedure sp_replwritetovarbin with a set of crafted parameters.
Successful exploitation would cause a denial of service and may allow execution of arbitrary code on a vulnerable system. Although there is currently no Microsoft patch available, SmartDefense Services provides protections to Check Point products against exploits that use this vulnerability.
SSL Certificate Forgery Attacks
This attack leverages a weakness in the MD5 algorithm, which is used to sign SSL certificates that tie authentic corporate identities to corresponding Web site addresses and public encryption keys. Researchers were able to devise a way to manipulate an official Certificate Authority (CA) and launch an attack that would forge a rogue CA that then becomes trusted by all common browsers. SmartDefense provides a protection that will detect and block SSL connections to Web sites whose certificate may have been forged using this recently discovered attack.
Internet Explorer 7 Vulnerability
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, causing the browser to crash and allowing execution of arbitrary commands. SmartDefense Services provided protections to Check Point products against exploits that use this vulnerability six days before the Microsoft patch was available.
January 13, 2009
IN THIS ADVISORY:
- Microsoft SQL Server Stored Procedure Buffer Overflow Vulnerability
- SSL Certificate Forgery Attacks
- Internet Explorer 7 Vulnerability
|» Highlighted SmartDefense Updates
This table lists SmartDefense protection updates for recently disclosed threats. In some cases, SmartDefense protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
More SmartDefense Updates >
» How to Install SmartDefense Updates
SmartDefense Updates can be downloaded and configured on your Check Point
products through the Check Point SmartCenter management interface.
Best Practice: Blocking Thunder
Peer to peer Internet traffic, such as Thunder, slows critical business applications on corporate networks. It lowers employee productivity as they take time away from their work to download music and videos. This sort of traffic also significantly increases your company’s Internet communication costs and may require you to purchase additional bandwidth.
- Click the SmartDefense tab.
- Click Application Intelligence > Peer to Peer > Thunder.
- In the Configuration pane, under Settings > Mode, select Active.
|Have SmartDefense feature questions?
Participate in the SmartDefense User Forum. The SmartDefense Forum is your space for asking questions regarding all SmartDefense features, and to collaborate with other SmartDefense users, worldwide, on SmartDefense-related issues. Check Point employees may monitor the forum and provide information on the issues posted.
|Know someone who should be getting the Advisories?
» About SmartDefense and SmartDefense Services
Check Point SmartDefense provides intrusion prevention capabilities that are integrated into Check Point products. SmartDefense is updated by SmartDefense Services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies. SmartDefense also helps to minimize threats by providing defenses that can be used before vendor supplied patches become available or are fully installed throughout the network. SmartDefense protections are developed and distributed by SmartDefense Research and Response Centers located around the globe. For additional information visit www.CheckPoint.com/Defense.
Archived SmartDefense Security Advisories >
|You have received this notification because either you have a User Center account or you have subscribed to the SmartDefense Newsletter. If you would prefer to no longer receive security alerts and defense notifications please click the Unsubscribe link below.
©2003-2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065