Check Point provides businesses with preemptive protection against Microsoft exposure

(16/09/2009)

Check Point Software Technologies Ltd has announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability. Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company’s systems.

Although no Microsoft patch is currently available for this vulnerability, Check Point Security Gateway R70 customers using the IPS Software Blade are automatically protected. No action is required if they are using the “Recommended Profile” setting.

Check Point VPN-1 NGX R65, VSX NGX R65 and IPS-1 NGX R65 customers also have existing protections and should check they are activated.

Microsoft Internet Information Services (IIS) is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network. The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command. The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet. Enterprise users at risk for this vulnerability have either IIS 5.0, IIS 5.1, or IIS 6.0.

“Exploit code of this vulnerability is available in the wild, meaning hackers could take the code and use it to exploit IIS and remotely control a company’s network,” said Oded Gonda, vice president of network security products at Check Point. “Check Point’s IPS products continue to provide protection against such vulnerabilities before they are even discovered, giving our customers the peace-of-mind that their systems are always secure.”

Check Point’s IPS Software Blade, IPS-1 appliances, and SmartDefense are supported by Check Point update services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies.

Based on the Software Blade architecture, Check Point IPS Software Blade provides complete, integrated, firewall intrusion prevention capabilities at multi-gigabit speeds, with preemptive threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more. Software Blades are independent and flexible security modules that enable companies to build a custom Check Point Security Gateway.

Related topics:  Application and software security   Hacking and intrusion prevention   Network Security   Security threats and vulnerabilities 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources