Check Point Security Advisory
» Top Protections

Check Point Provides Network Protection Against TDLv4 Rootkit
A new "TDLv4" version of the TDSS rootkit has infected over 4.5 million machines worldwide. Those machines are joined to a botnet that can be used for malicious purposes such as mounting network/endpoint attacks or installing more malware on the infected systems. Check Point's IPS Software Blade provides protection in the latest IPS update by blocking HTTP requests to download this trojan virus.

Remote Code Execution Issue in Microsoft Office Visio 2003
(Microsoft Security Bulletin MS11-055, CVE-2010-3148)
A critical remote code execution vulnerability has been reported in Visio 2003. Successful exploitation may enable an attacker to install programs, delete data, or create new accounts with full user rights. Check Point's IPS Software Blade provides immediate network protection in the latest IPS update by blocking attempts to exploit this issue.

Critical Vulnerability in Apple iOS PDF Document Reader
A remote code execution vulnerability in Apple's PDF viewer for its iOS operating system is being actively exploited in the wild. Remote attackers can trigger this flaw by enticing a user to open a specially crafted PDF file. Successful exploitation of this vulnerability allows the execution of arbitrary code on the targeted device. Check Point's IPS Software Blade provides protection against this vulnerability at the network level in the latest IPS update by detecting and blocking the transfer of malformed PDF files via HTTP.

Five Remote Code Execution Vulnerabilities Discovered in Microsoft's CSRSS
(Microsoft Security Bulletin MS11-056)
Five vulnerabilities have been discovered in the CSRSS component of Microsoft Windows. Successful exploitation of any of these vulnerabilities could result in an attacker taking complete control of a targeted system. Check Point's IPS Software Blade provides immediate network protection in the latest IPS update by blocking attempts to exploit these vulnerabilities.

July 12, 2011

» Highlighted Protections

This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.

| Severity | Vulnerability Description | Check Point Protection Issued | Industry Reference | Check Point Reference Number |
|---|---|---|---|---|
| Critical | TDLv4 / TDSS Rootkit | 04-Jul-2011 | | CPAI-2011-323 |
| Critical | Microsoft Office Visio 2003 Insecure Library Loading | 10-Jul-2011 | CVE-2010-3148 | CPAI-2011-334 |
| Critical | Microsoft Windows CSRSS CONSOLE_ALLOC_MSG RCE | 10-Jul-2011 | CVE-2011-1281 | CPAI-2011-336 |
| Critical | Microsoft Windows CSRSS winsrv Integer Overflow RCE | 10-Jul-2011 | CVE-2011-1870 | CPAI-2011-335 |
| Critical | Apple PDF Viewer TTF Embedded Jailbreak Code Execution | 12-Jul-2011 | | CPAI-2011-338 |
| High | Microsoft Windows CSRSS SrvWriteConsoleOutput RCE | 07-Jul-2011 | CVE-2011-1284 | CPAI-2011-333 |
| High | Microsoft Windows CSRSS ConsoleNumberOfCommand RCE | 07-Jul-2011 | CVE-2011-1283 | CPAI-2011-332 |
| High | Microsoft Windows CSRSS winsrv NULL Pointer RCE | 10-Jul-2011 | CVE-2011-1282 | CPAI-2011-337 |

Have questions about IPS?
IPS Forum: Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS-related issues. Check Point employees may monitor the forum and provide information on the issues posted.

» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information through an update service included with the relevant subscriptions. Updates from Check Point's global Research and Response Centers increase the value of your Check Point products, and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. For more information, visit www.CheckPoint.com.

©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065