Check Point Security Advisory
»Top Protections

Check Point Protects Networks From Multiple Vulnerabilities in Microsoft SharePoint
( Microsoft Security Bulletin MS11-074 ) Five vulnerabilities in Microsoft SharePoint have been disclosed, the most serious of which can allow an attacker to gain elevated privileges on a targeted SharePoint server. Check Point's IPS Software Blade and NGX SmartDefense provides network-level protection against these issues. Learn More .

Multiple Remote Code Execution Vulnerabilities in MS Excel Disclosed
Microsoft Security Bulletin MS11-072 )
Five vulnerabilities have been identified in the way that Microsoft Excel parses files.. Check Point's IPS Software Blade and NGX SmartDefense protect networks from these issues by detecting and blocking transferal of malicious Excel files via HTTP. Learn More .

Vulnerabilities in Microsoft Windows Components Can Allow Remote Code Execution
Microsoft Security Bulletin MS11-071CVE-2011-1991 )
A remote code execution vulnerability has been reported in the way that certain Windows components handle the loading of DLL files. A remote attacker could exploit this issue to execute arbitrary code in an affected system. The Check Point IPS Software Blade provides immediate network protection against this vulnerability in the latest IPS update by detecting and blocking the transferal of suspicious DLL files via SMB and WebDAV protocols. Learn More .

September 13, 2011
In This Advisory
Top Protections
Check Point Protects Networks From Multiple Vulnerabilities in Microsoft SharePoint
Multiple Remote Code Execution Vulnerabilities in MS Excel Disclosed
Vulnerabilities in Microsoft Windows Components Can Allow Remote Code Execution
Highlighted Protections
Including Patch Tuesday

Contact Us

IPS Software Blades

Learn About Our Endpoint Security

SmartDefense Microsoft Security Resources

Update Services - Buy Now

» Highlighted Protections

This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.

Severity Vulnerability Description Check Point Protection
Issued
Industry Reference Check Point Reference
Number
CriticalCritical Microsoft Excel MS-OGRAPH Code Execution 13-Sep-2011 CVE-2011-1990 CPAI-2011-411
CriticalHigh Microsoft WINS Local Elevation of Privilege 13-Sep-2011 CVE-2011-1984 CPAI-2011-413
CriticalHigh Preemptive Protection against Microsoft Excel Heap Corruption Code Execution 13-Sep-2011 CVE-2011-1988 CPAI-2011-412
CriticalHigh Microsoft Office Uninitialized Object Pointer Code Execution 13-Sep-2011 CVE-2011-1982 CPAI-2011-410
CriticalHigh Preemptive Protection against Microsoft Internet Explorer SafeHTML Cross-Site Scripting 13-Sep-2011 CVE-2011-1252 CPAI-2011-409
CriticalHigh Preemptive Protection against Microsoft Office Excel Use-after-free Code Execution 13-Sep-2011 CVE-2011-1986 CPAI-2011-408
CriticalHigh Microsoft Windows Multiple Components Insecure Library Loading 13-Sep-2011 CVE-2011-1991 CPAI-2011-407
CriticalHigh Microsoft Excel Conditional Expression Parsing Code Execution 13-Sep-2011 CVE-2011-1989 CPAI-2011-406
CriticalHigh Microsoft Excel Out of Bounds Array Indexing Code Execution 13-Sep-2011 CVE-2011-1987 CPAI-2011-405
CriticalHigh Microsoft SharePoint Server XML Rollup Information Disclosure 13-Sep-2011 CVE-2011-1892 CPAI-2011-404
CriticalHigh Preemptive Protection against Microsoft SharePoint Server Multiple Cross Site Scripting Vulnerabilities 13-Sep-2011 CVE-2011-1890
CVE-2011-0653
CVE-2011-1893
CVE-2011-1891
CPAI-2011-403

More Updates >
Have questions about IPS?
IPS ForumParticipate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted.
Know someone who should be getting the Advisories?

Subscribe to Security Alerts and Advisories

» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information through an update service included with the relevant subscriptions. Updates from Check Point's global Research and Response Centers increase the value of your Check Point products, and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. For more information, visit www.CheckPoint.com.

Archived Check Point Security Advisories
Read Check Point's Privacy Policy
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065