-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Greetings,
New SmartDefense Updates have been released today, March 2,
2008 for users
of VPN-1 NGX R65, R62, R61, R60, VPN-1 NG R55, users of
InterSpect NGX and
users of Connectra NGX R62 & R61.
Multiple PDF Containing Embedded JavaScript Protections
Overview: Remote code execution vulnerabilities have been
reported in
Adobe Acrobat when handling PDF files that contain embedded
JavaScript. A
remote attacker can exploit these vulnerabilities to execute
arbitrary code
on an affected system via a specially crafted PDF file.
Portable Document
Format (PDF) is an open file format created by Adobe
Systems. It is used
for representing two-dimensional documents in a device and
resolution
independent fixed-layout document format. Successful
exploitation allows
execution of arbitrary code on a vulnerable system. By
enabling this
protection, SmartDefense will detect and block any attempt
to transfer over
HTTP PDF files that contain embedded JavaScript.
For more information, refer to SBP-2008-02 at
http://www.checkpoint.com/defense/adviso
ries/public/2008/sbp-10-Feb.html
Protections against Recent Malware Threats (2-Mar-08)
Overview: Malware is a software designed to infiltrate or
damage a
computer system without the owner's informed consent. It is
a general name
for a variety of forms of hostile, intrusive, or annoying
programs like
Viruses, worms, Adware, Trojans, and spyware that exploit
unprotected
clients, using network access to intrude upon organizations,
destroying or
stealing data. The update enables the Header Rejection
protection and the
HTTP Worm Catcher to detect and block the malware based on
pre-defined
header names and worm signatures.
For more information, refer to CPAI-2008-033 at
http://www.checkpoint.com/defense/advis
ories/public/2008/cpai-18-Feb.html
Also published today:
Get Yourself Familiar with the General HTTP Worm Catcher
Overview: A worm is a self-replicating malware, which
propagates by
actively sending itself to new machines. There are worms
that propagate by
using security vulnerabilities in HTTP servers or clients.
Some worms are
able to open back doors, launch Trojans, stop security
applications and
destroy computer systems. Web Intelligence can provide
protection against
many HTTP threats, including preventing attacks that run
malicious code on
web servers or clients. The General HTTP Worm Catcher is
able to detect and
block vulnerabilities based on pre-defined worm signatures.
For more information, refer to SBP-2008-03 at
http://www.checkpoint.com/defense/adviso
ries/public/2008/sbp-25-Feb.html
Links to the recent SmartDefense Advisories are available
at:
http://www.checkpoint.com/defense/advisories/pub
lic/summary.html
Read more about SmartDefense Service at:
http://www.checkpoint.com/defense/advisories/pu
blic/overview.html
To sign-up to the mailing list, send an email to
listserv amadeus.us.checkpoint.com with the text
"SUBSCRIBE
SMARTDEFENSE-NEWS" in the email body.
To unsubscribe from this list, send an email to
listservamadeus.us.checkpoint.com with the text
"SIGNOFF
SMARTDEFENSE-NEWS" In the email body.
As always, please feel free to contact us directly if you
have any comments
or questions (sda-infoCheckPoint.com).
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
wsBVAwUBR8rNBay7i8j/RTzHAQj0iAgAtkwGMYrvD5E6iossAFOJvI0vgIBv
WG32
+tyzQ0hbw2a1ib85TDkd7AbCIng8C5IX1WjqAlRWNUkyMwCBl8h+FVWBkVYP
AXJ7
blJGujgqrIzkN512q/dJKqUT0rKIf628eqJ4LoqM3fQrEsbRzTIJIndmg+nv
y4O4
QEW8pDHElStPqw9dcE7IERRnshvZoi8Fmcmh8ahA8pxD/oD8etwVFYbxV0tv
1E2/
A4z0PbI0wBUwXiitNh5+UBcFm68ExSdzb5/AEEG0MEUn4Fq1vjQvssom2K6q
jeP7
/yJ4yRc6g1p+gP4wFXwtNznWjG9h1WlVQmk86w8ZUEKQWRTJfA+tOg==
=ShQP
-----END PGP SIGNATURE-----
|
