Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Media Alert: Check Point Provides Preemptive Protection Against Latest Microsoft Zero Day Vulnerability

VPN-1, UTM-1 and IPS-1 Automatically Defend Enterprises From New Buffer Overflow Vulnerability

Redwood City, CA —

Check Point® Software Technologies Ltd., the worldwide leader in securing the Internet, today announced that its firewall and intrusion prevention products, VPN-1, VPN-1 Power VSX, UTM-1, InterSpect and IPS-1, through Check Point SmartDefense subscription service, provide preemptive, zero day protection against a critical buffer overflow vulnerability.

The CVE-2007-0038 vulnerability was announced in Microsoft Security Bulletin MS07-017 and affects Microsoft Windows 2000, XP, 2003 and Vista. It allows an attacker to create a buffer overflow and use it to inject and execute arbitrary code on the host machine, with full privileges of the victim user. To initiate this attack, the victim must be enticed to perform an action such as clicking an email link.

With the NGX™ platform, Check Point is the only company to deliver a unified security architecture boasting integrated manageability and security across the full network infrastructure. This unified approach to enterprise security gives Check Point customers increased value for their security spend by delivering comprehensive, preemptive protection at multiple security layers in the infrastructure. Even before the announcement of this latest Microsoft vulnerability, Check Point customers were already protected with both their Check Point VPN-1 firewall and IPS-1 network intrusion prevention security layers that exist in VPN-1, VPN-1 Power VSX, UTM-1, InterSpect and IPS-1.

"Preemptive 'zero day' protection is a fundamental requirement for an effective network security architecture," said Oded Gonda, vice president of Network Security Products at Check Point. "By using multiple methods of detection and analysis to identify malicious and exploitative characteristics in network traffic, proactive protection is inherent in both Check Point firewall and intrusion prevention products."

More information about this vulnerability can be found at Check Point Software's SmartDefense Services website at: http://www.checkpoint.com/defense/advisories/public/2007/cpai-04-Apr.html (Due to its length, this URL may need to be copied/pasted into your Internet browser's address field. Remove the extra space if one exists.)

About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leader in securing the Internet. The company is a market leader in the worldwide enterprise firewall, personal firewall, data security and VPN markets. Check Point's PURE focus is on IT security with its extensive portfolio of network security, data security and security management solutions. Through its NGX platform, Check Point delivers a unified security architecture for a broad range of security solutions to protect business communications and resources for corporate networks and applications, remote employees, branch offices and partner extranets. The company also offers market leading data security solutions through the Pointsec product line, protecting and encrypting sensitive corporate information stored on PCs and other mobile computing devices. Check Point's award-winning ZoneAlarm Internet Security Suite and additional consumer security solutions protect millions of consumer PCs from hackers, spyware and data theft. Extending the power of the Check Point solution is its Open Platform for Security (OPSEC), the industry's framework and alliance for integration and interoperability with "best-of-breed" solutions from hundreds of leading companies. Check Point solutions are sold, integrated and serviced by a network of Check Point partners around the world and its customers include 100 percent of Fortune 100 companies and tens of thousands of businesses and organizations of all sizes.