Check Point Security Advisory
»Top Protections

Multiple Vulnerabilities Discovered in Microsoft Internet Explorer
Microsoft Security Bulletin MS11-081 )
Microsoft has reported several critical remote code execution vulnerabilities in Internet Explorer. A remote attacker could exploit these vulnerabilities by enticing a user to visit a maliciously crafted Web page that takes advantage of one or more of them. The Check Point IPS Software Blade provides network protection against these issues. Learn More .

Five Vulnerabilities Found in Microsoft Forefront Unified Access Gateway
Microsoft Security Bulletin MS11-079 )
Five security issues in Forefront Unified Access Gateway (UAG) have been reported, the most severe of which could allow remote code execution on a targeted machine. The Check Point IPS Software Blade provides network protection against these vulnerabilities. Learn More .

Critical Vulnerability Discovered in Microsoft .NET Framework and Silverlight
Microsoft Security Bulletin MS11-078CVE-2011-1253 )
A vulnerability has been discovered in the .NET framework and Microsoft Silverlight that can be exploited to allow an attacker to perform remote code execution on a targeted machine. The Check Point IPS Software Blade provides network protection against this issue. Learn More .

October 11, 2011
In This Advisory
Top Protections
Multiple Vulnerabilities Discovered in Microsoft Internet Explorer
Five Vulnerabilities Found in Microsoft Forefront Unified Access Gateway
Critical Vulnerability Discovered in Microsoft .NET Framework and Silverlight
Deployment Tip
R75.20 SmartDashboard Adds Additional Filters To Find Protections
Highlighted Protections
Including Patch Tuesday

Contact Us

IPS Software Blades

Learn About Our Endpoint Security

Update Services - Buy Now

Deployment Tip
R75.20 SmartDashboard Adds Additional Filters To Find Protections

A new "Additional Filters" feature in SmartDashboard lets you filter IPS Protections by Severity, Confidence Level, Performance Impact, Supported Versions, and CVE Year:

ips-protection-filter


» Highlighted Protections

This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.

Severity Vulnerability Description Check Point Protection
Issued
Industry Reference Check Point Reference
Number
CriticalCritical Microsoft Forefront UAG ExcelTable Reflected XSS Information Disclosure 11-Oct-2011 CVE-2011-1896 CPAI-2011-472
CriticalCritical Microsoft Forefront UAG Default Reflected XSS Information Disclosure 11-Oct-2011 CVE-2011-1897 CPAI-2011-471
CriticalCritical Microsoft Forefront UAG Poisoned Cup of Code Execution 11-Oct-2011 CVE-2011-1969 CPAI-2011-470
CriticalCritical Microsoft .Net and Silverlight Framework Remote Code Execution 11-Oct-2011 CVE-2011-1253  CPAI-2011-467
CriticalCritical Internet Explorer Body Element Memory Corruption 11-Oct-2011 CVE-2011-2000 CPAI-2011-460
CriticalCritical Internet Explorer Option Element Memory Corruption 11-Oct-2011 CVE-2011-1996 CPAI-2011-459
CriticalCritical Microsoft Internet Explorer Element Index Memory Corruption 11-Oct-2011 CVE-2011-1999 CPAI-2011-458
CriticalCritical Microsoft Internet Explorer Uninitialized Pointer Dereference 11-Oct-2011 CVE-2011-1995 CPAI-2011-457
CriticalCritical Internet Explorer Virtual Function Table Memory Corruption 11-Oct-2011 CVE-2011-2001 CPAI-2011-456
CriticalCritical Internet Explorer OnLoad Event Memory Corruption 11-Oct-2011 CVE-2011-1997 CPAI-2011-455
CriticalCritical Internet Explorer Scroll Event Memory Corruption 11-Oct-2011 CVE-2011-1993 CPAI-2011-454
CriticalHigh Microsoft Active Accessibility DLL Loading Remote Code Execution 11-Oct-2011 CVE-2011-1247 CPAI-2011-453
CriticalHigh Microsoft HIS SNA Protocol Multiple Denial of Service Vulnerabilities 11-Oct-2011 CVE-2011-2007
CVE-2011-2008
CPAI-2011-466
CriticalHigh Microsoft Windows Kernel Font Library File Buffer Overrun 11-Oct-2011 CVE-2011-2003 CPAI-2011-465
CriticalHigh Microsoft Windows Multiple COM Binary Planting Vulnerabilities 11-Oct-2011 CVE-2011-2009
CVE-2011-1991
CPAI-2011-463
CriticalHigh Microsoft Forefront UAG Session Cookie Denial of Service 11-Oct-2011 CVE-2011-2012 CPAI-2011-462
CriticalHigh Microsoft Forefront UAG ExcelTable Information Disclosure 11-Oct-2011 CVE-2011-1895 CPAI-2011-461
CriticalHigh Adobe Flash Player ActionScript PCRE Memory Corruption 11-Oct-2011 CVE-2011-2427 CPAI-2011-469
CriticalHigh Adobe Flash Player ActionScript Recursive StackOverflowError 11-Oct-2011 CVE-2011-2426 CPAI-2011-468

More Updates >
Have questions about IPS?
IPS ForumParticipate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted.
Know someone who should be getting the Advisories?

Subscribe to Security Alerts and Advisories

» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information through an update service included with the relevant subscriptions. Updates from Check Point's global Research and Response Centers increase the value of your Check Point products, and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. For more information, visit www.CheckPoint.com.

Archived Check Point Security Advisories
Read Check Point's Privacy Policy
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065