Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Security Best Practice: Blocking Legacy Browsers

Subscribe

Check Point Reference: SBP-2010-13
Date Published:
Severity:
Source: IPS Research Center
Protection Provided by: Security Gateway
  • R70
Who is Vulnerable?
Microsoft Internet Explorer 5
Firefox 2.0
Opera 9.2
Opera 9.0
Opera 8.5
Opera 8.0
Opera 7.02
Vulnerability Description
Microsoft Internet Explorer (IE), is a series of graphical web browsers developed by Microsoft and included as part of the Microsoft Windows line of operating systems starting in 1995. It has been the most widely used web browser since 1999, attaining a peak of about 95% usage share during 2002 and 2003 with IE5 and IE6.
Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. A Net Applications statistic put Firefox at 24.23% of the recorded usage share of web browsers as of February 2010, making it the second most popular browser in terms of current use worldwide after Microsoft's Internet Explorer. To display web pages, Firefox uses the Gecko layout engine, which implements most current web standards in addition to several features which are intended to anticipate likely additions to the standards.
Opera is a web browser and Internet suite developed by the Opera Software company. The browser handles common Internet-related tasks such as displaying web sites, sending and receiving e-mail messages, managing contacts, chatting on IRC clients, downloading files via BitTorrent, and reading Web feeds. Opera is offered free of charge for personal computers and mobile phones.
Vulnerability Details
Old versions of these internet browsers are known for their security issues.

Protection Overview
This protection will detect and block the following legacy browsers: Microsoft Internet Explorer 5, Firefox 2.0, Opera 9.2, Opera 9.0, Opera 8.5, Opera 8.0, and Opera 7.02.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R70

How Can I Protect My Network?
1. In the IPS tab, click Protections > By Protocol > Web Intelligence > HTTP Client Protections.
2. In the right pane, double-click the Legacy Browsers protection.
3. In the Protection Details window, click on Edit. Choose the protection's Action (Override IPS Policy with: Prevent/Detect), and apply Additional Settings.
4. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:

Attack Name: Web Client Enforcement Violation
Attack Information: Legacy Browsers