»Top Protections
Two Windows Media Playback Vulnerabilities Could Allow Remote Code Execution
( MS12-004, CVE-2012-0003, CVE-2012-0004 )
Two vulnerabilities in Microsoft Windows' media playing functionality could allow a remote attacker to take control of a targeted system and execute arbitrary code. One of these issues, which relates to how Media Player handles MIDI files, is ranked Critical, while the other concerns DirectShow's improper parsing of media files and is ranked High. The Check Point IPS Software Blade provides network protection against both vulnerabilities. Learn More .
Check Point Provides Network Protection against Microsoft Windows Packager Vulnerability
( MS12-005, CVE-2012-0013 )
A remote code execution vulnerability has been reported in how the Windows Object Packager loads "ClickOnce" applications that are embedded in Microsoft Office files. Successful exploitation could allow an attacker to run arbitrary code on the targeted system in the context of the current user. The Check Point IPS Software Blade provides protection at the network level against this issue. Learn More .
Insecure Executable Launching Vulnerability Found in Microsoft Windows Object Packager
( Microsoft Security Bulletin MS12-002, CVE-2012-0009 ) A remote code execution vulnerability has been discovered in the Windows Object Packager. An attacker could exploit this issue and cause the execution of arbitrary code on a targeted system. The Check Point IPS Software Blade provides protection against this problem at the network level. Learn More .
January 11, 2012
In This Advisory
Top Protections
•
 Two Windows Media Playback Vulnerabilities Could Allow Remote Code Execution
•
 Check Point Provides Network Protection against Microsoft Windows Packager Vulnerability
•
 Insecure Executable Launching Vulnerability Found in Microsoft Windows Object Packager
Highlighted Protections
•
 Including Patch Tuesday









» Highlighted Protections

This table lists Check Point protections for recently disclosed threats. In some cases, Check Point protections against such threats or threat types have been available for some time, and the date listed is the date when the protection became available.
Severity
Vulnerability Description
Check Point Protection
Issued
Industry Reference
Check Point Reference
Number
Critical Microsoft Windows Media Player MIDI Code Execution
10-Jan-2012
High Microsoft Windows DirectShow Filters Remote Code Execution
10-Jan-2012
High Microsoft Windows Assembly Execution Vulnerability
10-Jan-2012
High Microsoft Windows Object Packager Insecure Executable Launching
10-Jan-2012
High Microsoft AntiXSS Library Bypass Information Disclosure
10-Jan-2012
High Preemptive Protection against SSL and TLS Protocols Information Disclosure
10-Jan-2012

More Updates >
Have questions about IPS?
Participate in the IPS User Forum. The IPS Forum is your space for asking questions regarding all IPS features, and to collaborate with other IPS users, worldwide, on IPS related issues. Check Point employees may monitor the forum and provide information on the issues posted.
Know someone who should be getting the Advisories?
» About the Check Point Update Services
Check Point provides ongoing and real-time updates and configuration information through an update service included with the relevant subscriptions. Updates from Check Point's global Research and Response Centers increase the value of your Check Point products, and minimize threats by providing defenses that can be used before vendor patches are applied throughout your network. For more information, visit www.CheckPoint.com.

Read Check Point's Privacy Policy
©2003-2012 Check Point Software Technologies Ltd. (Nasdaq: CHKP) All rights reserved. 800 Bridge Parkway, Redwood City, CA USA 94065