Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Check Point Protects Networks from Internet Explorer Remote Code Execution Vulnerability


Microsoft Security Bulletin MS11-090CVE-2011-3397 )

Summary


A Microsoft Internet Explorer vulnerability has been reported that could allow remote code execution if a user views a maliciously crafted Web page that uses a specific binary behavior in Internet Explorer. Check Point IPS Software Blade, SmartDefense, and IPS-1 provide protection at the network level against this issue.

Details


This vulnerability is caused due to binary behavior in Internet Explorer that results in system corruption. A remote attacker may exploit this vulnerability by enticing a target user to open a maliciously crafted web page. Successful exploitation of this vulnerability could allow an attacker to gain the same user rights as the logged-on user and execute arbitrary code on the targeted system.

Affected Products

The following Microsoft Windows versions exhibit this vulnerability: 

  • Windows XP SP3
  • Windows XP Professional x64 Edition SP2
  • Windows Server 2003 SP2
  • Windows Server 2003 x64 Edition SP2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista SP2
  • Windows Vista x64 Edition SP2
  • Windows Server 2008 for 32-bit Systems SP2
  • Windows Server 2008 for x64-based Systems SP2
  • Windows Server 2008 for Itanium-based SP2
  • Windows 7 for 32-bit Systems - original release and SP1
  • Windows 7 for x64-based Systems - original release and SP1
  • Windows Server 2008 R2 for x64-based Systems - original release and SP1
  • Windows Server 2008 R2 for Itanium-based Systems - original release and SP1
  • Microsoft Publisher 2007 SP2 and SP3

Solution


Check Point recommends that the update described in  Microsoft Security Bulletin MS11-090 be deployed as soon as is practical. In the meantime, Check Point IPS Software Blade, NGX SmartDefense, and IPS-1 protect networks from this issue by detecting and blocking attempts to open maliciously crafted web pages that attempt to exploit the vulnerability. For more information, see  CPAI-2011-575.

 

Originally Published:

Last Updated: 13-Dec-2011

Legal Notice for Threat Center Advisories