Critical Microsoft Windows Media Player RTSP Vulnerability
(MS10-075, CVE-2010-3225)
A critical remote code execution vulnerability has been reported in Microsoft Windows Media Player network sharing service. An attacker may exploit this flaw and execute arbitrary code on a targeted machine. Check Point IPS Software Blade and NGX SmartDefense provide immediate network protection in the latest IPS update by detecting and blocking overly large requests made to the vulnerable service. Learn More.
Microsoft Secure Channel Denial of Service Vulnerability
(MS10-085, CVE-2010-3229)
A denial of service vulnerability has been reported in the way that Microsoft's SChannel security package processes client certificates in Microsoft Windows. A remote attacker could use this issue to create a denial of service condition, thus crashing the vulnerable service. Check Point IPS Software Blade and NGX SmartDefense provide immediate network protection in the latest IPS update by detecting and blocking malformed messages sent to a server that attempt to exploit this vulnerability. Learn More.
Check Point Protects Systems Against Stuxnet Worm
(CVE-2010-2772, MS08-067, MS10-046, MS10-061)
The Stuxnet worm is a sophisticated malware program that exploits several vulnerabilities in Microsoft Windows. Stuxnet's ultimate targets are Programmable Logic Controllers (PLCs) manufactured by Siemens. These systems, which are typically programmed via network-connected Windows computers, are used for automation and control in various industrial and scientific applications. Successful infection of PLCs could result in modification of their operation. Check Point Software Blade, IPS-1, and SmartDefense continue to provide immediate network protection against these vulnerabilities. Learn More.
| In This Advisory | |
| » Top Protections | |
 |
Critical Microsoft Windows Media Player RTSP Vulnerability |
|
Microsoft Secure Channel Denial of Service Vulnerability |
|
Check Point Protects Systems Against Stuxnet Worm |
| » Deployment Tip | |
|
Using IPS Performance Counters |
| » Highlighted Protections | |
|
Including Patch Tuesday |
» Highlighted Protections
This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
| Severity | Vulnerability Description | Check Point Protection Issued |
Industry Reference | Check Point Reference Number |
 Critical |
Microsoft Windows Media Player RTSP Use after Free Code Execution | 12-Oct-10 | MS10-075 CVE-2010-3225 |
CPAI-2010-289 |
| Critical |
Microsoft Internet Explorer CSS Rule Handling Memory Corruption | 12-Oct-10 | MS10-071 CVE-2010-3328 |
CPAI-2010-287 |
| Critical |
Microsoft Internet Explorer Event Handling Memory Corruption | 12-Oct-10 | MS10-071 CVE-2010-3326 |
CPAI-2010-286 |
| Critical |
Microsoft Outlook Web Access Crafted POST Request Elevation of Privilege | 14-Sep-10 | Microsoft Security Advisory (2401593) CVE-2010-3213 |
CPAI-2010-268 |
| High |
Microsoft SChannel TLSv1 Denial of Service | 12-Oct-10 | MS10-085 CVE-2010-3229 |
CPAI-2010-279 |
| High |
Blocking Multiple HTTP Error Responses (ASP.NET) | 19-Sep-10 | Microsoft Security Advisory (2416728) MS10-070 CVE-2010-3332 |
SBP-2010-26 |
| High |
Microsoft Internet Explorer MSHTML Uninitialized Memory Corruption | 12-Oct-10 | MS10-071 CVE-2010-3331 |
CPAI-2010-271 |
| High |
Microsoft Browser Embedded Media Player Memory Corruption | 12-Oct-10 | MS10-082 CVE-2010-2745 |
CPAI-2010-283 |
| High |
Microsoft OpenType Font Validation Elevation of Privilege | 12-Oct-10 | MS10-078 CVE-2010-2741 |
CPAI-2010-281 |
| High |
Microsoft Word Index Value Parsing Memory Corruption | 12-Oct-10 | MS10-079 CVE-2010-3219 |
CPAI-2010-292 |
| High |
Microsoft Word LVL Structure Parsing Remote Code Execution | 12-Oct-10 | MS10-079 CVE-2010-3220 |
CPAI-2010-291 |
| High |
Microsoft Excel Ghost Record Type Parsing Code Execution | 12-Oct-10 | MS10-080 CVE-2010-3242 |
CPAI-2010-273 |
| High |
Microsoft Excel Formula BIFF Record Parsing Memory Corruption | 12-Oct-10 | MS10-080 CVE-2010-3231 |
CPAI-2010-274 |
| High |
Microsoft Excel Corrupted Table Records Code Execution | 12-Oct-10 | MS10-080 CVE-2010-3232 |
CPAI-2010-278 |
| High |
Synology Disk Station FTP Login Web Commands Injecti | 30-Sep-10 | CVE-2010-2453 | CPAI-2010-270 |
| High |
'Here you have'/W32.VBMania Worm | 16-Sep-10 | CPAI-2010-269 |
More Updates >
Have questions about IPS? Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted. |
Know someone who should be getting the Advisories? |
| » About the Check Point Update Services Check Point provides ongoing and real-time updates and configuration information to its NGX products through SmartDefense subscriptions, and to Check Point Software Blades products through an update service included with the relevant Software Blade subscriptions. These updates increase the value of your Check Point products and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. These defenses are developed and distributed by Check Point’s global Research and Response Centers. For more information, visit www.CheckPoint.com. |
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065