An important enhancement to the SmartDefense Services Update that was released for Microsoft Excel Rich Text Validation Vulnerability (MS08-014) on March 17 2008 is now immediately available for users of VPN-1� NGX R65, R62, R61, R60, and VSX NGX R65. This update provides protection against a recently disclosed Microsoft Excel Zero-Day vulnerability:

Microsoft Excel Rich Text Parsing Zero-Day Remote Code Execution Vulnerability

Industry Reference: CVE-2009-0238.

A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. SmartDefense Services protection will detect and block the transferring of malformed Excel files over HTTP.

Protections are available immediately for this vulnerability. See CPAI-2009-028.

February 26, 2009

You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe

As always, please feel free to contact us directly if you have any comments or questions.

Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065