Check Point Protects Networks From Multiple Vulnerabilities in Microsoft SharePoint
( Microsoft Security Bulletin MS11-074 )
Five vulnerabilities in Microsoft SharePoint have been disclosed, the most serious of which can allow an attacker to gain elevated privileges on a targeted SharePoint server. Check Point's IPS Software Blade and NGX SmartDefense provides network-level protection against these issues.
Learn More
.
Multiple Remote Code Execution Vulnerabilities in MS Excel Disclosed
( Microsoft Security Bulletin MS11-072 )
Five vulnerabilities have been identified in the way that Microsoft Excel parses files.. Check Point's IPS Software Blade and NGX SmartDefense protect networks from these issues by detecting and blocking transferal of malicious Excel files via HTTP.
Learn More
.
Vulnerabilities in Microsoft Windows Components Can Allow Remote Code Execution
( Microsoft Security Bulletin MS11-071, CVE-2011-1991 )
A remote code execution vulnerability has been reported in the way that certain Windows components handle the loading of DLL files. A remote attacker could exploit this issue to execute arbitrary code in an affected system. The Check Point IPS Software Blade provides immediate network protection against this vulnerability in the latest IPS update by detecting and blocking the transferal of suspicious DLL files via SMB and WebDAV protocols.
Learn More
.
| In This Advisory | |
| Top Protections | |
| • | Check Point Protects Networks From Multiple Vulnerabilities in Microsoft SharePoint |
| • | Multiple Remote Code Execution Vulnerabilities in MS Excel Disclosed |
| • | Vulnerabilities in Microsoft Windows Components Can Allow Remote Code Execution |
| Highlighted Protections | |
| • | Including Patch Tuesday |
» Highlighted Protections
This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
| Severity | Vulnerability Description | Check Point Protection Issued |
Industry Reference | Check Point Reference Number |
 Critical
|
Microsoft Excel MS-OGRAPH Code Execution | 13-Sep-2011 | CVE-2011-1990 | CPAI-2011-411 |
|
High
|
Microsoft WINS Local Elevation of Privilege | 13-Sep-2011 | CVE-2011-1984 | CPAI-2011-413 |
|
High
|
Preemptive Protection against Microsoft Excel Heap Corruption Code Execution | 13-Sep-2011 | CVE-2011-1988 | CPAI-2011-412 |
|
High
|
Microsoft Office Uninitialized Object Pointer Code Execution | 13-Sep-2011 | CVE-2011-1982 | CPAI-2011-410 |
|
High
|
Preemptive Protection against Microsoft Internet Explorer SafeHTML Cross-Site Scripting | 13-Sep-2011 | CVE-2011-1252 | CPAI-2011-409 |
|
High
|
Preemptive Protection against Microsoft Office Excel Use-after-free Code Execution | 13-Sep-2011 | CVE-2011-1986 | CPAI-2011-408 |
|
High
|
Microsoft Windows Multiple Components Insecure Library Loading | 13-Sep-2011 | CVE-2011-1991 | CPAI-2011-407 |
|
High
|
Microsoft Excel Conditional Expression Parsing Code Execution | 13-Sep-2011 | CVE-2011-1989 | CPAI-2011-406 |
|
High
|
Microsoft Excel Out of Bounds Array Indexing Code Execution | 13-Sep-2011 | CVE-2011-1987 | CPAI-2011-405 |
|
High
|
Microsoft SharePoint Server XML Rollup Information Disclosure | 13-Sep-2011 | CVE-2011-1892 | CPAI-2011-404 |
|
High
|
Preemptive Protection against Microsoft SharePoint Server Multiple Cross Site Scripting Vulnerabilities | 13-Sep-2011 |
CVE-2011-1890 CVE-2011-0653 CVE-2011-1893 CVE-2011-1891 |
CPAI-2011-403 |
More Updates >
Have questions about IPS? Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted. |
Know someone who should be getting the Advisories? |
| » About the Check Point Update Services Check Point provides ongoing and real-time updates and configuration information through an update service included with the relevant subscriptions. Updates from Check Point's global Research and Response Centers increase the value of your Check Point products, and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. For more information, visit www.CheckPoint.com. |
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065