-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Greetings,
New SmartDefense Updates have been released today, August 6,
2007 for users
of VPN-1 NGX R65, R62, R61, R60, VPN-1 NG with Application
Intelligence
R55W, R55 & R54, users of InterSpect NGX and users of
Connectra NGX R62 &
R61.
Microsoft Excel Remote Code Execution Protection (MS07-036)
Overview: Multiple vulnerabilities have been identified in
Microsoft
Excel. Microsoft Excel is a popular spreadsheet application.
A remote
attacker could exploit these issues via a malformed Excel
file. Successful
exploitation of these vulnerabilities may allow execution of
arbitrary code
on a target system. By enabling this protection,
SmartDefense will detect
and block the transferring of malformed Excel files over
HTTP.
For more information, refer to CPAI-2007-085 at
http://www.checkpoint.com/defense/advi
sories/public/2007/cpai-10-Jula.html
Multiple Microsoft Windows Active Directory Crafted LDAP
Protections
(MS07-039)
Overview: Multiple vulnerabilities have been reported in
Microsoft Windows
Active Directory. The flaws are in the way the Active
Directory handles
LDAP requests. Lightweight Directory Access Protocol (LDAP)
is Internet
standard protocol designed for querying and modifying
directory services.
The vulnerabilities could be exploited by remote attackers
to crash the
service or execute arbitrary code on an affected system. By
enabling this
protection, SmartDefense will detect and block the
transferring of
malformed LDAP Search and Modify requests.
For more information, refer to CPAI-2007-086 at
http://www.checkpoint.com/defense/advis
ories/public/2007/cpai-11-Jul.html
Microsoft Office Publisher 2007 Remote Code Execution
Protections
(MS07-037)
Overview: A remote code execution vulnerability has been
reported in
Microsoft Publisher. Microsoft Publisher is a desktop
publishing
application for creating marketing materials, managing
customer lists and
more. A remote attacker can exploit this vulnerability via a
specially
crafted .pub file. Successful exploitation may allow
execution of arbitrary
code on a vulnerable system. By enabling this protection,
SmartDefense will
detect and block the transferring of Microsoft Publisher
files over HTTP.
For more information, refer to CPAI-2007-087 at
http://www.checkpoint.com/defense/advis
ories/public/2007/cpai-11-Jul.html
Links to the recent SmartDefense Advisories are available
at:
http://www.checkpoint.com/defense/advisories/pub
lic/summary.html
Read more about SmartDefense Service at:
http://www.checkpoint.com/defense/advisories/pu
blic/overview.html
To sign-up to the mailing list, send an email to
listserv amadeus.us.checkpoint.com with the text
"SUBSCRIBE
SMARTDEFENSE-NEWS" in the email body.
To unsubscribe from this list, send an email to
listservamadeus.us.checkpoint.com with the text
"SIGNOFF
SMARTDEFENSE-NEWS" In the email body.
As always, please feel free to contact us directly if you
have any comments
or questions (sda-infoCheckPoint.com).
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)
wsBVAwUBRrdBDqy7i8j/RTzHAQgpaAgAxpStKVdd9GYnGgFCeMlxnHepMVRU
/pD3
lQsZ+iV4MrF8ZBsoDTBHf7Cdz2+JmVWZRcIE9JpkidunHaSdu86bRhZo8mSa
psB9
6PfoCRRUIC57UNDqRxjHnm6E+XOh/Z+OLRD7ym6D4/qbci9k+NkULgGnbzxT
fvqr
zsdDobvbYUHA+u/8Lgq0865T8P5HgiIP6dbIE5zRkiMoK9lBh9JNQWsi/d2Z
nrGk
7rs6J/p/uV0hnVvEqCUsuFeRc1TikZjVsNZ7Ia+IUO8kprnxCAJvs1MkQ+lJ
5ZXL
T2DcutOR977deJryGh6jkyDy8/Ehd6YdZXsZDXTcPgRbXx0+VF/ZCQ==
=HnzZ
-----END PGP SIGNATURE-----
|
