Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Check Point Provides Preemptive Protection Against Santy.C Worm

Check Point Customers Protected in Advance of Command Injection Vulnerability; Additional Proof Point for Proactive Protection Against Unknown Attacks

REDWOOD CITY, Calif., -- December 27, 2004 - Check Point Software Technologies Ltd. (NASDAQ: CHKP), the worldwide leader in securing the Internet, today announced that its industry-leading VPN-1® Next Generation™ with Application Intelligence and Web Intelligence™ together provide preemptive protection against the Santy.C worm (also known as PhpInclude.Worm). If exploited, the Santy.C command injection vulnerability could allow Web page defacement, data theft and execution of arbitrary code. The worm hit on December 25, 2004, but Check Point has provided a defense against this worm since December 21, 2004.

PHP, a widely used server-side scripting language used to create dynamic Web pages, is especially suited for Web development since it can be easily embedded into HTML. The Santy.C worm uses search engines like Google and Yahoo! to enable a remote attacker to inject malicious code into PHP scripts. Users of VPN-1 Next Generation with Application Intelligence, Web Intelligence and Connectra who implemented the December 21st SmartDefense™ Special Advisory (CPSA-2004-07) are automatically protected against this vulnerability. Specifically, Check Point Web Intelligence provides command injection protection by looking for system commands in forms input and in URLs. For more information on Check Point's Web Intelligence, please visit http://www.checkpoint.com/products/web_intelligence/index.html.

SmartDefense is a management feature set included with Check Point firewalls and VPNs that enables customers to configure their network to proactively protect against known and unknown attacks. It provides customers with the best network- and application-level security protection for dynamic Internet threats, such as the Santy.C worm. Additionally, Check Point customers can benefit from the SmartDefense Service, which enables real-time updates and advisories that provide additional protection against these new and emerging threats.

A detailed description of the threat and defense is available to subscription customers of the SmartDefense Service. For more information on the Santy.C command injection vulnerability, please see advisory CPAI-2004-69 at http://www.checkpoint.com/defense/advisories/public/2004/cpai-2004-69.html.

About Check Point SmartDefense Service
SmartDefense Advisories are included with the SmartDefense Service and are available to licensed customers. The SmartDefense Service capabilities are available for Check Point products including VPN-1 Pro™, Check Point Express™, InterSpect™, Web Intelligence™ and Connectra™.

About Check Point Software
Check Point Software Technologies Ltd. (www.checkpoint.com) is the worldwide leader in securing the Internet. It is the confirmed market leader of both the worldwide VPN and firewall markets. Through its Next Generation product line, the company delivers a broad range of intelligent Perimeter, Internal and Web security solutions that protect business communications and resources for corporate networks and applications, remote employees, branch offices and partner extranets. The company's Zone Labs (www.zonelabs.com) division is one of the most trusted brands in Internet security, creating award-winning endpoint security solutions that protect millions of PCs from hackers, spyware and data theft. Extending the power of the Check Point solution is its Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from over 350 leading companies. Check Point solutions are sold, integrated and serviced by a network of more than 2,300 Check Point partners in 92 countries.

###

©2004 Check Point Software Technologies Ltd. All rights reserved.
Check Point, Application Intelligence, Check Point Express, the Check Point logo, ClusterXL, ConnectControl, Connectra, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FireWall-1 XL, FloodGate-1, INSPECT, INSPECT XL, InterSpect, IQ Engine, Open Security Extension, OPSEC, Provider-1, Safe@Office, SecureKnowledge, SecurePlatform, SecureXL, SiteManager-1, SmartCenter, SmartCenter Pro, SmartDashboard, SmartDefense, SmartLSM, SmartMap, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SSL Network Extender, UAM, User-to-Address Mapping, UserAuthority, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 VSX, Web Intelligence, TrueVector, ZoneAlarm, Zone Alarm Pro, Zone Labs, the Zone Labs logo, AlertAdvisor, Cooperative Enforcement, IMsecure, Policy Lifecycle Management, Zone Labs Integrity and Smarter Security are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726 and 6,496,935 and may be protected by other U.S. Patents, foreign patents, or pending applications.