Update Protection against Microsoft PowerPoint DLL Planting Code Execution Vulnerability (MS10-087)
| Check Point Reference: | CPAI-2010-311 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS10-087 | |
| Industry Reference(s): | CVE-2010-3337 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Office 2007 SP2 Microsoft Office 2010 (32-bit editions) Microsoft Office 2010 (64-bit editions) | ||
| Vulnerability Description A memory corruption vulnerability has been identified in the way that Microsoft Office handles the loading of DLL files. Microsoft Office is an office suite of inter-related desktop applications, servers and services for the Microsoft Windows and Mac OS X operating systems. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS10-087 |
|
|
Vulnerability Details This vulnerability requires a user to open an Office document contained within the same working directory as a specially crafted DLL file. When the user opens an Office file, the specially crafted DLL file - which is contained in the same directory as the Office file - will be loaded. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. |
Protection Overview
This protection will detect and block the transferring of the vulnerable DLL over HTTP, SMB, and NetBios.
In order for the protection to be activated, update your Security Gateway/VPN-1 product to the latest IPS/SmartDefense update. For information on how to update IPS/SmartDefense, go to SBP-2006-05, Protection tab, and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.