Microsoft Patches Two 0-day Vulnerabilities
(MS10-042, MS10-043)
In the July security update Microsoft patched two 0-day vulnerabilities. The Windows Help and Support Center vulnerability that was reported in early June by a Google security engineer along with proof of concept code went unpatched for 33 days. The Windows Canonical Display Driver vulnerability that they acknowledged in mid-May went unpatched for 55 days. The Check Point IPS Software Blade provided protection within three days of the public disclosure of these vulnerabilities. More information.
Microsoft Outlook AttachMethods Vulnerability(MS10-045, CVE-2010-0266)
A remote code execution vulnerability exists in the way that Microsoft Office Outlook verifies attachments in e-mail messages. A remote attacker may exploit this vulnerability to take complete control of the affected system. The Check Point IPS Software Blade detects and blocks attempts to bypass the Outlook attachment filter. More information.
IPS Update for Critical Adobe Vulnerabilities in APSB10-15
(APSB10-15)
Adobe released an accelerated quarterly security update on June 29th to patch critical vulnerabilities in Adobe Reader and Acrobat that are being exploited in the wild. A remote attacker may exploit these vulnerabilities to take complete control of an affected system. Check Point recommends applying these patches and the additional Check Point protections in the IPS Software Blade. More information.
July 13, 2010
| In This Advisory | |
| » Top Protections | |
 |
Microsoft Patches Two 0-day Vulnerabilities |
|
Microsoft Outlook AttachMethods Vulnerability |
|
IPS Update for Critical Adobe Vulnerabilities in APSB10-15 |
| » Deployment Tip | |
|
Evaluate IPS today |
| » Highlighted Protections | |
|
Including Patch Tuesday |
| Deployment Tip Best Practice: Evaluate IPS today If you want intrusion protection, you can simply enable the IPS Software Blade; however, it won’t enforce the latest protections until you have a valid IPS contract*. Get a 30 day IPS contract from the Check Point User Center and begin your evaluation of intrusion protection from Check Point today.
 SmartUpdate Example:
 * More information about IPS contracts is available in SecureKnowledge solution sk44175. |
» Highlighted Protections
This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
| Severity | Vulnerability Description | Check Point Protection Issued |
Industry Reference | Check Point Reference Number |
 Critical |
Microsoft Windows Canonical Display Driver Denial of Service | 20-May-10 | CVE-2009-3678 MS10-043 |
CPAI-2010-083 |
| Critical |
Microsoft Office Access ACCWIZ.dll Uninitialized Variable Remote Code Execution | 13-Jul-10 | CVE-2010-1881 MS10-044 |
CPAI-2010-219 |
| Critical |
Microsoft Internet Explorer Access ActiveX Controls Remote Code Execution | 13-Jul-10 | CVE-2010-0814 MS10-044 |
CPAI-2010-217 |
| Critical |
Adobe Reader and Acrobat Launch Action Command Code Execution | 30-Jun-10 | CVE-2010-1240 APSB10-15 |
CPAI-2010-211 |
| Critical |
Adobe Flash Player Deprecated Tag Memory Corruption Vulnerability | 22-Jun-10 | CVE-2010-2186 APSB10-14 |
CPAI-2010-212 |
| Critical |
Adobe Flash Player Embedded JPEG Remote Code Execution | 22-Jun-10 | CVE-2010-2164 APSB10-14 |
CPAI-2010-210 |
| Critical |
Adobe Flash Player Embedded Image Integer Overflow | 22-Jun-10 | CVE-2010-2170 APSB10-14 |
CPAI-2010-209 |
| Critical |
Adobe Photoshop CS4 ABR File Processing Buffer Overflow | 27-Jun-10 | CVE-2010-1296 APSB10-13 |
CPAI-2010-213 |
| High |
Microsoft Internet Explorer Help and Support Center Remote Code Execution | 13-Jun-10 | CVE-2010-1885 MS10-042 |
CPAI-2010-208 |
| High |
Microsoft Outlook AttachMethods Remote Code Execution | 13-Jul-10 | CVE-2010-0266 MS10-045 |
CPAI-2010-218 |
| High |
PDF Files Containing Embedded Adobe Flash Movies Vulnerabilities | 30-Jun-10 | CVE-2010-1297 CVE-2010-2168 CVE-2010-2201 |
SBP-2010-22 |
| High |
PDF Files Containing Malformed JBIG2 Structure Vulnerabilities | 06-Jul-10 | CVE-2009-0658 CVE-2009-1858 |
SBP-2010-23 |
| High |
Apple Safari for Windows and Internet Explorer Combined Code Execution | 13-Jul-10 | CVE-2008-2540 Microsoft Security Advisory (953818) |
CPAI-2010-216 |
| High |
Apple Safari parent.close Code Execution | 06-Jul-10 | CVE-2010-1939 | CPAI-2010-215 |
More Updates >
Have questions about IPS? Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted. |
Know someone who should be getting the Advisories? |
| » About the Check Point Update Services Check Point provides ongoing and real-time updates and configuration information to its NGX products through SmartDefense subscriptions, and to Check Point Software Blades products through an update service included with the relevant Software Blade subscriptions. These updates increase the value of your Check Point products and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. These defenses are developed and distributed by Check Point’s global Research and Response Centers. For more information, visit www.CheckPoint.com. |
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065