SmartDefense Security Advisory

Microsoft Windows TCP/IP Selective Acknowledgement Denial of Service Vulnerability (MS10-009)

Industry Reference:CVE-2010-0242.

A denial of service vulnerability has been reported in Microsoft Windows TCP/IP stack Selective acknowledgment (SACK) processing. TCP/IP SACK is used for connections with large TCP window sizes. When SACK is enabled, if a packet or series of packets is dropped the receiver can inform the sender of exactly which data has been received and where the holes in the data are. The sender can then selectively retransmit the missing data without needing to retransmit blocks of data that have already been received successfully. A remote attacker may exploit this issue to cause the affected system to stop responding. This protection will detect and block TCP packets with malformed SACK options.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
CPAI-2010-040.

Microsoft Windows Kernel Exception Handler Code Execution Vulnerability (MS10-015)

Industry Reference:CVE-2010-0232.

An elevation of privilege vulnerability exists in the Windows Kernel due to the way the kernel handles certain exceptions. The Windows Kernel is the core of the operating system. It provides system level services such as device management and memory management, allocates processor time to processes, and manages error handling. An attacker may exploit this vulnerability via a specially crafted application. This protection will detect and block Windows executable (PE) 16-bit files.

Security Gateway R70: A new protection is now available.
VPN-1 NGX R65 & VSX NGX R65: A new protection is now available.
SBP-2010-11.

 March 1, 2010

IPS Software Blade

Buy Now

Guidelines

Forums

SmartDefense Microsoft Security Resources
You have received this notification because you have subscribed to the SmartDefense mailing list. If you would prefer to no longer receive security alerts and defense notifications please click to Unsubscribe

As always, please feel free to contact us directly if you have any comments or questions.

Read Check Point's Privacy Policy
©2003.2009 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved.
800 Bridge Parkway, Redwood City, CA USA 94065