New SmartDefense Updates

Email lists > CheckPoint SmartDefense Info

Thread: New SmartDefense Updates

Search this list only Search all lists
New SmartDefense Updates
Israel	2008-03-11 14:32:02
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Greetings, New SmartDefense Updates have been released today, March 11, 2008 for users of VPN-1 NGX R65 & R62. Microsoft Office Web Components Code Execution Protection (MS08-017) Overview: A remote code execution vulnerability has been reported in Microsoft Office Web Components. Microsoft Office Web Components are a collection of Component Object Model (COM) controls for publishing spreadsheets, charts, and databases to the Web, and for viewing the published components on the Web. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted Web page. Successful exploitation could result in execution of arbitrary code on the affected system. By enabling this protection, SmartDefense will detect and block attempts to exploit this vulnerability. For more information, refer to CPAI-2008-035 at http://www.checkpoint.com/defense/advis ories/public/2008/cpai-06-Mar.html Microsoft Outlook Crafted URI Code Execution Protection (MS08-015) Overview: A remote code execution vulnerability has been reported in Microsoft Office Outlook. Microsoft Office Outlook is a personal information manager that provides an e-mail application, a calendar and task and contact management. A remote attacker can exploit this vulnerability by convincing a user to visit a specially crafted Web site. Successful exploitation could result in execution of arbitrary code on the affected system. By enabling this protection, SmartDefense will detect and block any attempt to exploit this vulnerability. For more information, refer to CPAI-2008-036 at http://www.checkpoint.com/defense/advi sories/public/2008/cpai-06-Mara.html Microsoft Excel Data Validation Record Protection (MS08-014) Overview: A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. By enabling this protection, SmartDefense will detect and block the transferring of malformed Excel files over HTTP. For more information, refer to CPAI-2008-037 at http://www.checkpoint.com/defense/advi sories/public/2008/cpai-06-Marb.html Microsoft Office Cell Parsing Memory Corruption Protection (MS08-016) Overview: A memory corruption vulnerability has been identified in Microsoft Office. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. By enabling this protection, SmartDefense will detect and block the transferring of malformed Excel files over HTTP. For more information, refer to CPAI-2008-038 at http://www.checkpoint.com/defense/advi sories/public/2008/cpai-06-Marc.html Microsoft Office PowerPoint Memory Corruption Protection (MS08-016) Overview: A remote code execution vulnerability has been reported in Microsoft Office. A remote attacker could exploit this issue via a malformed PowerPoint file. Microsoft PowerPoint is a popular presentation program. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. By enabling this protection, SmartDefense will detect and block the transferring of malformed PowerPoint files over HTTP. For more information, refer to CPAI-2008-039 at http://www.checkpoint.com/defense/advi sories/public/2008/cpai-06-Mard.html Microsoft Excel Conditional Formatting Protection (MS08-014) Overview: A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. By enabling this protection, SmartDefense will detect and block the transferring of malformed Excel files over HTTP. For more information, refer to CPAI-2008-041 at http://www.checkpoint.com/defense/advis ories/public/2008/cpai-09-Mar.html Microsoft Excel Formula Parsing Protection (MS08-014) Overview: A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. By enabling this protection, SmartDefense will detect and block the transferring of malformed Excel files over HTTP. For more information, refer to CPAI-2008-042 at http://www.checkpoint.com/defense/advi sories/public/2008/cpai-09-Mara.html Also published today: Workaround for Multiple Microsoft Symbolic Link Files Vulnerabilities (MS08-014) Overview: A remote code execution vulnerability was reported in the way Microsoft Excel imports Symbolic Link (SYLK) files into Excel. Symbolic Link (SYLK) is a Microsoft file format typically used for exchanging data between applications, particularly spreadsheets. SYLK files conventionally have a .slk suffix. Successful exploitation of this vulnerability may allow a remote attacker to take complete control of an affected system. By enabling this protection, SmartDefense will detect and block the transferring of SYLK files over HTTP. For more information, refer to SBP-2008-04 at http://www.checkpoint.com/defense/adviso ries/public/2008/sbp-06-Mar.html Microsoft Excel Macro Validation Remote Code Execution Preemptive Protection (MS08-014) Overview: A memory corruption vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. By enabling this protection, SmartDefense will detect and block the transferring of malformed Excel files over HTTP. For more information, refer to CPAI-2008-040 at http://www.checkpoint.com/defense/advi sories/public/2008/cpai-06-Mare.html Links to the recent SmartDefense Advisories are available at: http://www.checkpoint.com/defense/advisories/pub lic/summary.html Read more about SmartDefense Service at: http://www.checkpoint.com/defense/advisories/pu blic/overview.html To sign-up to the mailing list, send an email to listservamadeus.us.checkpoint.com with the text "SUBSCRIBE SMARTDEFENSE-NEWS" in the email body. To unsubscribe from this list, send an email to listservamadeus.us.checkpoint.com with the text "SIGNOFF SMARTDEFENSE-NEWS" In the email body. As always, please feel free to contact us directly if you have any comments or questions (sda-infoCheckPoint.com). -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wsBVAwUBR9beMKy7i8j/RTzHAQh3Uwf/fYfonns21vOOWEJRuzSYU3ouvJbb mO7g zn1fuHneZJh5GPMG6ioQ9tM+9GHaX1gGBM48UduE9waST+nlUC42Z7XAhcnJ td7e PURskwIZB0qtwQgkyfZxO7B4qKxq4yd7R6B+J4BO6/mtNliX695LIsmietFJ UCOw nSgLqRh8hwTsHuD6AeJREpCLvlDgoD2DhcwESeVNpvc/e05subDit5pUk1/2 UxxE hKOx0TNk1LapleaiW8xO66CLC3DKJ4hyqFPno6tR8w7BJIktpdKKTH+IkTRT KylD rBgX7fokb+j/9r5cN9n1QFtSl9aFcPcE/Ycb7HTTwTfdD3/baoSfng== =SK/A -----END PGP SIGNATURE-----

[1]

about | contact Other archives ( Real Estate discussion Medical topics )

Mailing lists

ARCHIVES