Breaking News
Top Protections
Check Point Update Services Overview
In a constantly changing threat environment, defenses must evolve with or ahead of threats. Check Point Update Services provide real-time defense updates and configuration advice for IPS, URL Filtering, Antivirus & Anti-Malware, Anti-Spam & Email Security Security Service Software Blades. Also covered by Update Services are SmartDefense in NGX VPN-1, VSX, IPS-1, Connectra, Endpoint Security On Demand, and Endpoint Security products.
Key Benefits
- Pre-emptive Protection - Keep your defenses current between your regularly-scheduled product upgrades and security patches.
- Easy Management - Update your whole system in minutes. Each update comes with full configuration instructions and information about the associated threat.
- IPS, Web security, Antivirus, Anti-Malware, Web filtering, and Anti-Spam protection - Get the latest signatures and detection methods.
- Program Advisor - Update Check Point Endpoint Security with recommendations for application control for your endpoint computers.
- 24x7 Threat Coverage - Check Point Security products are supported by multiple Check Point Research and Response Centers around the globe that provided the best Microsoft vulnerability threat coverage amongst leading security vendors.
Latest Protections
| Severity | Date | Check Point Reference |
Industry Reference |
Description |
|---|---|---|---|---|
| CPAI-2012-045 | Suspected LOIC Traffic Domains Block List | |||
| CPAI-2012-044 | Web Servers Multiple Requests LOIC Distributed Denial of Service | |||
| CPAI-2012-042 | CVE-2011-0799 | Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE Multiple SQL Injections (CVE-2011-0799) | ||
| CPAI-2012-041 | CVE-2011-2014 | Microsoft Windows Active Directory LDAPS Authentication Bypass (MS11-086; CVE-2011-2014) | ||
| CPAI-2012-040 | Oracle AutoVue AutoVueX ActiveX Control Export3DBom Remote File Creation | |||
| CPAI-2012-039 | Oracle AutoVue AutoVueX ActiveX Control ExportEdaBom Remote File Creation | |||
| CPAI-2012-038 | CVE-2011-0799 | Oracle Warehouse Builder WB_OLAP_AW_REMOVE_SOLVE_ID SQL Injection (CVE-2011-0799) | ||
| CPAI-2012-034 | CVE-2007-2446 | Samba SRVSVC RPC sec_io_acl Request Handling Heap Buffer Overflow | ||
| CPAI-2012-032 | CVE-2011-0098 | Microsoft Office Excel Label Record Buffer Overflow | ||
| CPAI-2012-031 | CVE-2011-4372CVE-2011-2438 | Preemptive Protection against Adobe Reader and Acrobat Embedded BMP Malicious JavaScript Memory Corruption (APSB12-01; CVE-2011-4372) | ||
| CPAI-2012-030 | CVE-2012-4373 | Adobe Reader and Acrobat Embedded BMP Memory Corruption (APSB12-01; CVE-2012-4373) | ||
| CPAI-2012-029 | CVE-2011-4371 | Adobe Reader and Acrobat Malformed JavaScript Heap Corruption (APSB12-01; CVE-2011-4371) | ||
| CPAI-2012-028 | CVE-2011-4370 | Adobe Acrobat and Reader JPEG DCT Dequantizer Memory Corruption (APSB12-01; CVE-2011-4370) | ||
| CPAI-2012-027 | CVE-2011-1527 | MIT Kerberos KDC LDAP Back Null Pointer Dereference Denial of Service (CVE-2011-1527) | ||
| CPAI-2012-026 | CVE-2011-2301 | Oracle Database CTXSYS.DRVDISP.TABLEFUNC_ASOWN Buffer Overflow (CVE-2011-2301) | ||
| CPAI-2012-025 | CVE-2011-2813 | Apple Safari WebKit Form Elements Denial of Service (CVE-2011-2813) | ||
| CPAI-2012-024 | CVE-2011-1440 | Google Chrome and Apple Safari Apple Webkit Ruby Memory Corruption (CVE-2011-1440) | ||
| CPAI-2012-023 | Oracle Hyperion Strategic Finance Client ActiveX Control Code Execution | |||
| CPAI-2012-022 | Embarcadero InterBase Connect Request Multiple Stack Buffer Overflows | |||
| CPAI-2012-021 | CVE-2011-4063 | Digium Asterisk SIP Channel Driver Denial of Service (CVE-2011-4063) | ||
| CPAI-2012-015 | CVE-2011-1865 | HP OpenView Storage Data Protector Stack Buffer Overflow (CVE-2011-1865) | ||
| CPAI-2012-011 | CVE-2011-2569 | Cisco NX-OS Interface Commands Privilege Escalation (CVE-2011-2569) | ||
| CPAI-2012-010 | CVE-2011-4096 | Squid DNS Replies Invalid Free Code Execution (CVE-2011-4096) | ||
| CPAI-2012-009 | Nullsoft Winamp Advanced Module Format File Buffer Overflow | |||
| CPAI-2012-008 | CVE-2011-0283 | MIT Kerberos KDC NULL Pointer Denial Of Service (CVE-2011-0283) | ||
| CPAI-2012-007 | CVE-2007-1398 | Sourcefire Snort Packet Fragmentation Reassembly Denial of Service (CVE-2007-1398) | ||
| CPAI-2012-020 | CVE-2011-3389 | Preemptive Protection against SSL and TLS Protocols Information Disclosure (MS12-006; CVE-2011-3389) | ||
| CPAI-2012-019 | CVE-2012-0004 | Microsoft Windows DirectShow Filters Remote Code Execution (MS12-004; CVE-2012-0004) | ||
| CPAI-2012-018 | CVE-2012-0013 | Microsoft Windows Assembly Execution Vulnerability (MS12-005; CVE-2012-0013) | ||
| CPAI-2012-017 | CVE-2012-0007 | Microsoft AntiXSS Library Bypass Information Disclosure (MS12-007; CVE-2012-0007) | ||
| CPAI-2012-016 | CVE-2012-0009 | Microsoft Windows Object Packager Insecure Executable Launching (MS12-002; CVE-2012-0009) | ||
| CPAI-2012-014 | CVE-2012-0003 | Microsoft Windows Media Player MIDI Code Execution (MS12-004; CVE-2012-0003) | ||
| CPAI-2011-128 | Preemptive Protection against Freefloat FTP Server Invalid Command Buffer Overflow | |||
| CPAI-2011-127 | Trend Micro Control Manager CSRF | |||
| CPAI-2011-126 | Novell ZENworks Handheld Management Upload Directory Traversal | |||
| CPAI-2012-013 | Microsoft Windows Win32k.sys Malformed IFrame Memory Corruption | |||
| CPAI-2012-012 | CVE-2011-3416 | Microsoft ASP.NET Authentication Bypass Elevation of Privilege (MS11-100; CVE-2011-3416) | ||
| CPAI-2012-001 | CVE-2011-3414 | Microsoft ASP.NET and PHP Hash Collision Denial of Service (CVE-2011-3414) | ||
| CPAI-2011-597 | CVE-2011-0084 | Mozilla Multiple Products Malformed SVG Use After Free (CVE-2011-0084) | ||
| CPAI-2011-596 | HP Data Protector Media Operations Memory Corruption | |||
| CPAI-2011-595 | CVE-2011-0554 | Symantec IM Manager Web Interface ProcessAction Code Execution (CVE-2011-0554) | ||
| CPAI-2011-594 | Oracle AutoVue ActiveX Control File Overwrite | |||
| CPAI-2011-592 | CVE-2009-2994 | Adobe Acrobat and Reader U3D CLODMeshDeclaration Memory Corruption (CVE-2009-2994) | ||
| CPAI-2011-602 | CVE-2011-3415 | Microsoft .Net Form Authentication Insecure Redirect (MS11-100; CVE-2011-3415) | ||
| CPAI-2011-589 | CVE-2007-6530 | Persits XUpload ActiveX String Length Buffer Overflow (CVE-2007-6530) | ||
| CPAI-2011-588 | CVE-2011-1774 | Apple Safari Webkit libxslt Arbitrary File Creation (CVE-2011-1774) | ||
| CPAI-2011-531 | CVE-2007-3435 | RKD Software ActiveX Control Remote Stack Buffer Overflow (CVE-2007-3435) | ||
| CPAI-2011-526 | CVE-2007-5107 | Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow (CVE-2007-5107) | ||
| CPAI-2011-590 | CVE-2011-4369 | Adobe Reader and Acrobat PRC Heap Spraying (APSB11-30; CVE-2011-4369) | ||
| CPAI-2011-587 | CVE-2011-0554 | Symantec IM Manager Administrator Console Code Injection (CVE-2011-0554) | ||
| CPAI-2011-586 | MPlayer SAMI Subtitle sub_read_line_sami Buffer Overflow | |||
| CPAI-2011-585 | CVE-2011-0553 | Symantec IM Manager Administrator Interface SQL Injection (CVE-2011-0553) | ||
| CPAI-2011-584 | CVE-2011-2882 | Citrix Access Gateway Plug-in ActiveX Code Execution (CVE-2011-2882) | ||
| CPAI-2011-583 | CVE-2011-1897 | Microsoft Forefront UAG Default Reflected Cross-site Scripting (MS11-079; CVE-2011-1897) | ||
| CPAI-2011-578 | CVE-2011-3000 | Mozilla Multiple Products Multiple Location Headers HTTP Response Splitting (CVE-2011-3000) | ||
| CPAI-2011-558 | Citrix XenApp and XenDesktop XML Service Interface Code Execution | |||
| CPAI-2011-557 | Sunway ForceControl SNMP NetDBServer Integer Signedness Buffer Overflow | |||
| CPAI-2011-431 | CVE-2011-3170 | Apple CUPS gif_read_lzw Heap Buffer Overflow (CVE-2011-3170) | ||
| CPAI-2011-125 | CVE-2011-1848 | HP Intelligent Management Center Img Buffer Overflow (CVE-2011-1848) | ||
| CPAI-2011-579 | Microsoft Time Remote Code Execution (MS11-090) |
Archives
Product Updates
Security Gateway
VSX
IPS-1
Microsoft Security Bulletins for
= Check Point has provided a protection to this bulletin
Microsoft Security Bulletin MS11-081:
Cumulative Security Update for Internet Explorer (2586448)
Severity: Critical
CVE-2011-1993: Scroll Event Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Internet Explorer Scroll Event Memory Corruption (MS11-081; CVE-2011-1993) Release Date:
CVE-2011-1995: OLEAuto32.dll Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Microsoft Internet Explorer Uninitialized Pointer Dereference (MS11-081; CVE-2011-1995) Release Date:
CVE-2011-1996: Option Element Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Internet Explorer Option Element Memory Corruption (MS11-081; CVE-2011-1996) Release Date:
CVE-2011-1997: OnLoad Event Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Internet Explorer OnLoad Event Memory Corruption (MS11-081; CVE-2011-1997) Release Date:
CVE-2011-1999: Select Element Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses a dereferenced memory address. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Microsoft Internet Explorer Element Index Memory Corruption (MS11-081; CVE-2011-1999) Release Date:
CVE-2011-2000: Body Element Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Internet Explorer Body Element Memory Corruption (MS11-081; CVE-2011-2000) Release Date:
CVE-2011-2001: Virtual Function Table Corruption Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses a virtual function table after it has been corrupted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
- Check Point Response
- Internet Explorer Virtual Function Table Memory Corruption (MS11-081; CVE-2011-2001) Release Date:
Microsoft Security Bulletin MS11-080:
Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799)
Severity: High
Microsoft Security Bulletin MS11-079:
Vulnerabilities in Microsoft Forefront Unified Access Gateway Could Cause Remote Code Execution (2544641)
Severity: High
CVE-2011-1895: ExcelTable Response Splitting XSS Vulnerability
An HTTP response splitting vulnerability exists in Microsoft Forefront Unified Access Gateway (UAG) server where JavaScript can be injected back to the user in the resulting page, effectively allowing attacker-controlled JavaScript to run in the context of the user clicking the link.
- Check Point Response
- Microsoft Forefront UAG ExcelTable Information Disclosure (MS11-079; CVE-2011-1895) Release Date:
CVE-2011-1896: ExcelTable Reflected XSS Vulnerability
An XSS vulnerability exists in Microsoft Forefront Unified Access Gateway (UAG) server where JavaScript can be injected back to the user in the resulting page, effectively allowing attacker-controlled JavaScript to run in the context of the user clicking the link.
- Check Point Response
- Microsoft ForeFront ExcelTable Data Cross-Site Scripting (MS11-079) Release Date:
CVE-2011-1896: ExcelTable Reflected XSS Vulnerability
An XSS vulnerability exists in Microsoft Forefront Unified Access Gateway (UAG) server where JavaScript can be injected back to the user in the resulting page, effectively allowing attacker-controlled JavaScript to run in the context of the user clicking the link.
- Check Point Response
- Preemptive Protection against Microsoft Forefront UAG ExcelTable Reflected XSS Information Disclosure (MS11-079; CVE-2011-1896) Release Date:
CVE-2011-1897: Default Reflected XSS Vulnerability
An XSS vulnerability exists in Microsoft Forefront Unified Access Gateway (UAG) server where JavaScript can be injected back to the user in the resulting page, effectively allowing attacker-controlled JavaScript to run in the context of the user clicking the link.
- Check Point Response
- Microsoft ForeFront Default Portal Cross-Site Scripting (MS11-079) Release Date:
CVE-2011-1897: Default Reflected XSS Vulnerability
An XSS vulnerability exists in Microsoft Forefront Unified Access Gateway (UAG) server where JavaScript can be injected back to the user in the resulting page, effectively allowing attacker-controlled JavaScript to run in the context of the user clicking the link.
- Check Point Response
- Preemptive Protection against Microsoft Forefront UAG Default Reflected XSS Information Disclosure (MS11-079; CVE-2011-1897) Release Date:
CVE-2011-1969: Poisoned Cup of Code Execution Vulnerability
Microsoft Forefront Unified Access Gateway (UAG) applies a signed Java applet that can be leveraged by malicious Web sites to cause remote code execution on any Java-enabled Web browser.
- Check Point Response
- Microsoft Forefront UAG Poisoned Cup of Code Execution (MS11-079; CVE-2011-1969) Release Date:
CVE-2011-2012: Null Session Cookie Crash
A denial of service vulnerability exists in implementations of Microsoft Forefront Unified Access Gateway (UAG). When this occurs, an attacker could leverage the vulnerability to stop the IIS worker process and deny access to Web services on the affected system.
- Check Point Response
- Microsoft Forefront UAG Session Cookie Denial of Service (MS11-079; CVE-2011-2012) Release Date:
Microsoft Security Bulletin MS11-078:
Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930)
Severity: Critical
CVE-2011-1253: .NET Framework Class Inheritance Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft .NET Framework and Silverlight framework restrict inheritance within classes. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the logged-on user. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Check Point Response
- Microsoft .Net and Silverlight Framework Remote Code Execution (MS11-078; CVE-2011-1253) Release Date:
Microsoft Security Bulletin MS11-077:
Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2567053)
Severity: High
CVE-2011-2003: Font Library File Buffer Overrun Vulnerability
A remote code execution vulnerability exists in the Windows kernel due to improper handling of a specially crafted .fon font file. The vulnerability could allow an attacker to run code in kernel-mode and then install programs; view, change, or delete data; or create new accounts with full administrative rights.
- Check Point Response
- Portable Executable (PE) 16-bit File Release Date:
CVE-2011-2003: Font Library File Buffer Overrun Vulnerability
A remote code execution vulnerability exists in the Windows kernel due to improper handling of a specially crafted .fon font file. The vulnerability could allow an attacker to run code in kernel-mode and then install programs; view, change, or delete data; or create new accounts with full administrative rights.
- Check Point Response
- Preemptive Protection against Microsoft Windows Kernel Font Library File Buffer Overrun (MS11-077; CVE-2011-2003) Release Date:
Microsoft Security Bulletin MS11-076:
Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
Severity: High
CVE-2011-2009: Media Center Insecure Library Loading Vulnerability
A remote code execution vulnerability exists in the way that Windows Media Center handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Check Point Response
- Microsoft Windows Multiple COM Binary Planting Vulnerabilities (MS11-076; CVE-2011-2009) Release Date:
Microsoft Security Bulletin MS11-075:
Vulnerability in Microsoft Active Accessibility Could Allow Remote Code Execution (2623699)
Severity: High
CVE-2011-1247: Active Accessibility Insecure Library Loading Vulnerability
A remote code execution vulnerability exists in the way that the Microsoft Active Accessibility component handles the loading of DLL files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
- Check Point Response
- Microsoft Active Accessibility DLL Loading Remote Code Execution (MS11-075; CVE-2011-1247) Release Date:
