Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Zero-Day Microsoft Server Service Vulnerability
SmartDefense Microsoft Security Resources

Check Point SmartDefense® Services protects customers using VPN-1® NGX R65 and R62, VSX NGX R65, and IPS-1 NGX R65 from a new Microsoft Server Service zero-day exploit. SmartDefense Services subscribers can gain immediate protection against the vulnerability well before deploying the patch provided by Microsoft.

The vulnerability (CVE-2008-4250) was announced October 23, 2008 in a special, out-of-band, Microsoft Security Bulletin MS08-067 and affects users of Microsoft Windows based desktops, laptops, and servers (for a full list of vulnerable products visit: www.microsoft.com/technet/security/Bulletin/MS08-067.mspx). When exploited, the vulnerability allows a hacker to execute arbitrary code on a target system.

The Windows Server service improperly handles specially crafted Remote Procedure Call (RPC) requests. A remote unauthenticated attacker could exploit the issue by creating a malicious RPC request and sending it to a vulnerable system, granting the attacker complete control of the system. The vulnerability could potentially be used to create an exploit that will propagate as a worm.

SmartDefense Protections are available immediately for this vulnerability. See CPAI-2008-158.