Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Media Alert: Check Point Protects Against Unpatched Internet Explorer Vulnerability

Updates to Check Point SmartDefense secure enterprise networks from Microsoft Access Snapshot Viewer ActiveX flaw

Redwood City, CA —

Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced through Check Point SmartDefense® Services, users of VPN-1® R65, R62, R61 and R60, VSX ® NGX R65, InterSpect ® NGX, IPS-1 ® and IPS-1 NGX R65 are protected from newly disclosed Microsoft vulnerabilities, including an unpatched security hole in the ActiveX control for Microsoft Access Snapshot Viewer (Microsoft Security Advisory 955179). SmartDefense Services subscribers receive protection against the Snapshot Viewer ActiveX vulnerability as well as recently publicized Domain Name Sever (DNS), Windows Explorer and Outlook Web Access vulnerabilities.

Snapshot Viewer for Microsoft Access allows users to view Microsoft Office Access reports without having Microsoft Office Access installed. An unpatched vulnerability in the ActiveX control for Snapshot Viewer could allow a hacker to remotely execute arbitrary code on a vulnerable system. Check Point mitigates the threat without the need for a patch by allowing administrators to update their network security device with a protection that blocks HTML pages attempting to exploit this vulnerability.
  
"When a patch is unavailable for a web browser security issue that affects many workstations in the organization the required configuration changes are very time consuming and disruptive," said Oded Gonda, vice president of network security products at Check Point. "Many times when a patch is unavailable, businesses just wait for the release of a patch without taking any precautions, putting their networks at risk. Check Point SmartDefense Services provide immediate network security protection to the latest threats, whether patched or not."

In addition to the Snapshot Viewer ActiveX vulnerability, Check Point released last week SmartDefense updates for vulnerabilities announced in the July Microsoft Security Bulletin. The vulnerabilities affect users of Microsoft Windows based desktops, laptops and servers (for a full list of vulnerable products visit: www.microsoft.com/technet/security/current.aspx). Check Point released SmartDefense updates and advisories for:

• DNS vulnerability (MS08-037)
• Windows Explorer vulnerability (MS08-038)
• Outlook Web Access for exchange server vulnerabilities (MS08-039)

Check Point SmartDefense provides intrusion prevention capabilities that are integrated into Check Point gateways.  SmartDefense is updated by SmartDefense Services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies.  SmartDefense protections are developed and distributed by SmartDefense Research and Response Centers located around the globe.

More information about the vulnerabilities and SmartDefense protections can be found at Check Point’s Microsoft Security website: http://www.checkpoint.com/defense/advisories/public/index.html.

About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is the leader in securing the Internet. Check Point offers total security solutions featuring a unified gateway, single endpoint agent and single management architecture, customized to fit customers' dynamic business needs. This combination is unique and is a result of our leadership and innovation in the enterprise firewall, personal firewall/endpoint, data security and VPN markets.

Check Point's pure focus is on information security. Through its NGX platform, Check Point delivers a unified security architecture to protect business communications and resources, including corporate networks and applications, remote employees, branch offices and partner extranets. The company also offers market-leading endpoint and data security solutions with Check Point Endpoint Security products, protecting and encrypting sensitive corporate information stored on PCs and other mobile computing devices. Check Point's award-winning ZoneAlarm solutions protect millions of consumer PCs from hackers, spyware and identity theft. Check Point solutions are sold, integrated and serviced by a network of Check Point partners around the world and its customers include 100 percent of Fortune 100 companies and tens of thousands of businesses and organizations of all sizes.