-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Greetings,
New SmartDefense Updates have been released today, February
24, 2008 for
users of VPN-1 NGX R65, R62, R61, R60, VPN-1 NG R55 &
R54, and users of
InterSpect NGX.
Microsoft OLE Automation Remote Code Execution Protection
(MS08-008)
Overview: A remote code execution vulnerability was
discovered in Windows
Object Linking and Embedding (OLE) Automation. OLE
Automation is a protocol
that allows applications to share data or control one
another. A remote
attacker can exploit this vulnerability to execute arbitrary
code on an
affected system. By enabling this protection, SmartDefense
will detect and
block attempts to exploit this vulnerability.
For more information, refer to CPAI-2008-020 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-04-Feba.html
Microsoft WebDAV Mini-Redirector Remote Code Execution
Protection
(MS08-007)
Overview: A remote code execution vulnerability has been
reported in the
Microsoft Windows WebDAV Mini-Redirector. Web Distributed
Authoring and
Versioning (WebDAV) is a set of extensions for HTTP that
allows allow
clients to publish, lock, and manage resources on the Web. A
remote
attacker may exploit this vulnerability to execute arbitrary
code on an
affected system. By enabling this protection, SmartDefense
will detect and
block WebDAV responses attempting to exploit this
vulnerability.
For more information, refer to CPAI-2008-021 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-04-Febb.html
Microsoft Visual FoxPro ActiveX Object Memory Corruption
Protection
(MS08-010)
Overview: A remote code execution vulnerability has been
reported in
Microsoft Visual FoxPro. Microsoft Visual FoxPro is an
application
development tool for building database applications. A
remote attacker can
exploit the vulnerability by convincing a user to visit a
specially crafted
HTML document or open a malicious web page. Successful
exploitation could
result in a denial of service and in execution of arbitrary
code on the
affected system. By enabling this protection, SmartDefense
will detect and
block attempts to exploit this vulnerability.
For more information, refer to CPAI-2008-022 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-04-Febc.html
Microsoft HTML Rendering Memory Corruption Protection
(MS08-010)
Overview: A remote code execution vulnerability was
reported in Microsoft
Internet Explorer. A remote attacker can exploit this
vulnerability by
convincing a user to visit a malicious HTML document.
Successful
exploitation of this issue may lead to a remote code
execution on the
affected system. By enabling this protection, SmartDefense
will detect and
block attempts to exploit this vulnerability.
For more information, refer to CPAI-2008-023 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-04-Febd.html
Microsoft Property Memory Corruption Protection (MS08-010)
Overview: A remote code execution vulnerability was
reported in Microsoft
Internet Explorer. A remote attacker can exploit the
vulnerability by
convincing a user to visit a malicious Web site. Successful
exploitation
could result in remote code execution on a vulnerable
system. By enabling
this protection, SmartDefense will detect and block attempts
to exploit
this vulnerability.
For more information, refer to CPAI-2008-024 at
http://www.checkpoint.com/defense/advis
ories/public/2008/cpai-05-Feb.html
Microsoft Argument Handling Memory Corruption Protection
(MS08-010)
Overview: A remote code execution vulnerability has been
reported in
Microsoft Internet Explorer. A remote attacker can exploit
this
vulnerability by convincing a user to visit a specially
crafted Web page.
Successful exploitation could result in execution of
arbitrary code on the
affected system. By enabling this protection, SmartDefense
will detect and
block attempts to exploit this vulnerability.
For more information, refer to CPAI-2008-025 at
http://www.checkpoint.com/defense/advis
ories/public/2008/cpai-07-Feb.html
Microsoft TCP/IP DHCP Denial of Service Protection
(MS08-004)
Overview: A denial of service vulnerability has been
reported in the
Microsoft Windows TCP/IP handling of certain DHCP packets.
The Dynamic Host
Configuration Protocol (DHCP) provides central management of
IP addresses
and other details related to the IP configuration used on
the network. An
attacker can exploit this vulnerability by sending a
specially crafted
packet through a malicious DHCP server. This may result in a
denial of
service condition on the vulnerable host. By enabling this
protection,
SmartDefense will detect and block malformed DHCP packets
sent from a
malicious server.
For more information, refer to CPAI-2008-026 at
http://www.checkpoint.com/defense/advis
ories/public/2008/cpai-08-Feb.html
Microsoft Word Memory Corruption Protection (MS08-009)
Overview: A remote code execution vulnerability has been
identified in
Microsoft Word. Microsoft Word is a popular word processing
software. A
remote attacker could exploit this issue via a malformed
Word file.
Successful exploitation of this vulnerability may allow
execution of
arbitrary code on a target system. By enabling this
protection,
SmartDefense will detect and block the transferring of
malformed Word files
over HTTP.
For more information, refer to CPAI-2008-027 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-08-Feba.html
Microsoft Works Remote Code Execution Protections (MS08-011)
Overview: Multiple vulnerabilities have been discovered in
Microsoft Works
Converter. Microsoft Works is home productivity software
suite with fewer
features than the Microsoft Office suite. The Microsoft
Works Converter
allows the user to open, edit, and save files in the
Microsoft Works file
format. A remote attacker could exploit these
vulnerabilities via a
malformed Microsoft Works file. Successful exploitation of
these issues may
allow execution of arbitrary code on a target system. By
enabling this
protection, SmartDefense will detect and block the
transferring of
malformed MS Works files over HTTP.
For more information, refer to CPAI-2008-029 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-10-Feba.html
Microsoft LDAP Active Directory Denial of Service Protection
(MS08-003)
Overview: A denial of service vulnerability has been
reported in Microsoft
Windows Active Directory. Active Directory is an
implementation of LDAP
directory services by Microsoft. Lightweight Directory
Access Protocol
(LDAP) is Internet standard protocol designed for querying
and modifying
directory services. The vulnerability could be exploited by
remote
attackers to crash the service via a specially crafted LDAP
request sent to
an affected Active Directory server. By enabling this
protection,
SmartDefense will detect and block malformed LDAP requests
sent to the
Active Directory server.
For more information, refer to CPAI-2008-030 at
http://www.checkpoint.com/defense/advi
sories/public/2008/cpai-10-Febb.html
Links to the recent SmartDefense Advisories are available
at:
http://www.checkpoint.com/defense/advisories/pub
lic/summary.html
Read more about SmartDefense Service at:
http://www.checkpoint.com/defense/advisories/pu
blic/overview.html
To sign-up to the mailing list, send an email to
listserv amadeus.us.checkpoint.com with the text
"SUBSCRIBE
SMARTDEFENSE-NEWS" in the email body.
To unsubscribe from this list, send an email to
listservamadeus.us.checkpoint.com with the text
"SIGNOFF
SMARTDEFENSE-NEWS" In the email body.
As always, please feel free to contact us directly if you
have any comments
or questions (sda-infoCheckPoint.com).
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
wsBVAwUBR8FZAqy7i8j/RTzHAQgjAQgAoU4kuDkSIazBx1DlaD7MAB1n0KGe
EVxK
4W8pRPQaURcakkJnkOgjQcxyO9ULpWO+sVOKttrBn5mrq6KIT4uKXZqvLmBB
7wFW
oVXVWTSi4N39sd/1IbqN5gcgimT7QTbgzc1TmX0lq1+mz5ofiKM30CnFsfXy
sGud
L4dVNItcJNBLwYMHlvjGBoBkH1BwMlkOem9kW+0Ec1GB1Bqr9N4V/+Ba4/hV
H9dJ
J4Snk9OlOQjTizxMtXHNz6BhA/s1GpZ6EtOWHIii6myVTlPdQVl2sl59XOyr
WlMm
3Z0DiFroDGSJUkGPo71CeeHAfUXtlN/JxTScDEwRd28RwXJ3wUalyQ==
=XrE5
-----END PGP SIGNATURE-----
|
