»Top Protections

Microsoft Patches Two 0-day Vulnerabilities
(MS10-042, MS10-043)

In the July security update Microsoft patched two 0-day vulnerabilities. The Windows Help and Support Center vulnerability that was reported in early June by a Google security engineer along with proof of concept code went unpatched for 33 days. The Windows Canonical Display Driver vulnerability that they acknowledged in mid-May went unpatched for 55 days. The Check Point IPS Software Blade provided protection within three days of the public disclosure of these vulnerabilities. More information.

Microsoft Outlook AttachMethods Vulnerability
(MS10-045, CVE-2010-0266)

A remote code execution vulnerability exists in the way that Microsoft Office Outlook verifies attachments in e-mail messages. A remote attacker may exploit this vulnerability to take complete control of the affected system. The Check Point IPS Software Blade detects and blocks attempts to bypass the Outlook attachment filter. More information.

IPS Update for Critical Adobe Vulnerabilities in APSB10-15
(APSB10-15)

Adobe released an accelerated quarterly security update on June 29th to patch critical vulnerabilities in Adobe Reader and Acrobat that are being exploited in the wild. A remote attacker may exploit these vulnerabilities to take complete control of an affected system. Check Point recommends applying these patches and the additional Check Point protections in the IPS Software Blade. More information.

July 13, 2010
In This Advisory
» Top Protections
Microsoft Patches Two 0-day Vulnerabilities
Microsoft Outlook AttachMethods Vulnerability
IPS Update for Critical Adobe Vulnerabilities in APSB10-15
» Deployment Tip
Evaluate IPS today
» Highlighted Protections
Including Patch Tuesday







Deployment Tip
Best Practice: Evaluate IPS today
If you want intrusion protection, you can simply enable the IPS Software Blade; however, it won’t enforce the latest protections until you have a valid IPS contract*. Get a 30 day IPS contract from the Check Point User Center and begin your evaluation of intrusion protection from Check Point today.

To evaluate IPS:

1. In the User Center
a. Select Products -> My Products
b. For the relevant product select Actions -> Evaluate IPS
2. In SmartUpdate
a. Select Licenses & Contracts -> Update ContractsFrom User Center
b. Enter your User Center credentials
c. Begin your evaluation
User Center example:
SmartUpdate Example:


* More information about IPS contracts is available in SecureKnowledge solution sk44175.

» Highlighted Protections

This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.

Severity
Vulnerability Description
Check Point Protection
Issued
Industry Reference
Check Point Reference
Number
Critical
Microsoft Windows Canonical Display Driver Denial of Service
20-May-10
CVE-2009-3678
MS10-043

CPAI-2010-083
Critical
Microsoft Office Access ACCWIZ.dll Uninitialized Variable Remote Code Execution
13-Jul-10
CVE-2010-1881
MS10-044

CPAI-2010-219
Critical
Microsoft Internet Explorer Access ActiveX Controls Remote Code Execution
13-Jul-10
CVE-2010-0814
MS10-044

CPAI-2010-217
Critical
Adobe Reader and Acrobat Launch Action Command Code Execution
30-Jun-10
CVE-2010-1240
APSB10-15

CPAI-2010-211
Critical
Adobe Flash Player Deprecated Tag Memory Corruption Vulnerability
22-Jun-10
CVE-2010-2186
APSB10-14

CPAI-2010-212
Critical
Adobe Flash Player Embedded JPEG Remote Code Execution
22-Jun-10
CVE-2010-2164
APSB10-14

CPAI-2010-210
Critical
Adobe Flash Player Embedded Image Integer Overflow
22-Jun-10
CVE-2010-2170
APSB10-14

CPAI-2010-209
Critical
Adobe Photoshop CS4 ABR File Processing Buffer Overflow
27-Jun-10
CVE-2010-1296
APSB10-13

CPAI-2010-213
High
Microsoft Internet Explorer Help and Support Center Remote Code Execution
13-Jun-10
CVE-2010-1885
MS10-042

CPAI-2010-208
High
Microsoft Outlook AttachMethods Remote Code Execution
13-Jul-10
CVE-2010-0266
MS10-045

CPAI-2010-218
High
PDF Files Containing Embedded Adobe Flash Movies Vulnerabilities
30-Jun-10
CVE-2010-1297
CVE-2010-2168
CVE-2010-2201

SBP-2010-22
High
PDF Files Containing Malformed JBIG2 Structure Vulnerabilities
06-Jul-10
CVE-2009-0658
CVE-2009-1858

SBP-2010-23
High
Apple Safari for Windows and Internet Explorer Combined Code Execution
13-Jul-10
CVE-2008-2540
Microsoft Security Advisory (953818)

CPAI-2010-216
High
Apple Safari parent.close Code Execution
06-Jul-10
CVE-2010-1939
CPAI-2010-215

More Updates >

Have questions about IPS?
Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted.
Know someone who should be getting the Advisories?
» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information to its NGX products through SmartDefense subscriptions, and to Check Point Software Blades products through an update service included with the relevant Software Blade subscriptions. These updates increase the value of your Check Point products and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. These defenses are developed and distributed by Check Point’s global Research and Response Centers. For more information, visit www.CheckPoint.com.


Read Check Point's Privacy Policy
©2003-2010 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065