MEDIA CONTACT:
McGallen & Bolden PR
tel: +65-63246588
email

FOR IMMEDIATE RELEASE (For Asia Only)

Media Alert: Check Point Research Team Discovers Critical Tooltalk Database Server Vulnerability

Check Point IPS solutions protect businesses against newly discovered ToolTalk Database Server Parser vulnerability and newly patched Microsoft zero-day threats

Singapore, July 29, 2010 - Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced the Check Point IPS Research team has recently discovered a critical vulnerability in a function of the ToolTalk Database Server Parser that can enable a remote attacker to potentially inject and execute arbitrary code onto the affected system. Check Point customers are protected against this vulnerability with the Check Point IPS Software Blade and NGX SmartDefense, which provide immediate protection by detecting and blocking malformed database requests. For more information and protection against the ToolTalk database server vulnerability, visit: http://www.checkpoint.com/defense/advisories/public/announcement/2010/071410-tooltalk-db-server-vulnerability.html.

The vulnerability identified is in the RPC-based ToolTalk database server that creates and manages database files and affects all system users with IBM AIX Version 6.1.3 and lower, Sun Solaris 10 Sparc/x86 and lower, as well as HP HP-UX 11.0 and lower. The vulnerability was discovered and responsibly disclosed to vendors by the Check Point IPS Research team, who conduct original research on network, protocol, application vulnerabilities, and identify potential exploits before they are introduced into the wild. Check Point recommends applying the latest vendor patches and getting immediate protection by applying the latest IPS update.

In addition, Check Point also announced today that its IPS Software Blade and NGX SmartDefense solutions protect against the two zero-day vulnerabilities Microsoft recently patched, including:

The Windows Help and Support Center (HSC) vulnerability - A zero-day threat found that can enable a remote attacker to entice a user to open a maliciously crafted HTML file with Internet Explorer and execute arbitrary code on the affected system.

The Canonical Display Driver vulnerability - A critical zero-day threat that may be exploited by convincing a user to view a specially crafted image file with an affected application.

Check Point IPS solutions provide intrusion prevention capabilities integrated into Check Point gateways that detect and block attempts to exploit these vulnerabilities. Check Point IPS products are supported by Check Point's Update Services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies. Check Point protections are developed and distributed by Security Research and Response Centers located around the globe. 

Based on the Software Blade architecture, Check Point IPS Software Blade provides complete, integrated, next generation firewall intrusion prevention capabilities at multi-gigabit speeds, with preemptive threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more. Software Blades are independent and flexible security modules that enable companies to select the functions they need to build a custom Check Point Security Gateway.

More information about these vulnerabilities and Check Point protections can be found at: http://www.checkpoint.com/defense/advisories/public/index.html.


About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com), the worldwide leader in securing the Internet, is the only vendor to deliver Total Security for networks, data and endpoints, unified under a single management framework. Check Point provides customers with uncompromised protection against all types of threats, reduces security complexity and lowers total cost of ownership. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Today, Check Point continues to innovate with the development of the Software Blade architecture. The dynamic Software Blade architecture delivers secure, flexible and simple solutions that can be fully customized to meet the exact security needs of any organization or environment. Check Point customers include tens of thousands of businesses and organizations of all sizes including all Fortune 100 companies. Check Point's award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft. 

Copyright(c)2010 Check Point Software Technologies Ltd. All rights reserved.




Search engines:


Check Point site

Keyword terms for page: Check Point Software Technologies Ltd. - Products include Check Point, AlertAdvisor, Application Intelligence, Check Point Express, Check Point Express CI, the Check Point logo, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement, Cooperative Security Alliance, CoSa, DefenseNet, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless Security, Integrity SecureClient, InterSpect, IPS-1, IQ Engine, MailSafe, NG, NGX, Open Security Extension, OPSEC, OSFirewall, Policy Lifecycle Management, Provider-1, Safe@Home, Safe@Office, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL, SecureXL Turbocard, Sentivist, SiteManager-1, SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro, SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advisor, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SofaWare, SSL Network Extender, Stateful Clustering, TrueVector, Turbocard, UAM, UserAuthority, User-to-Address Mapping, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-1 Power, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VSX, Web Intelligence, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus, ZoneAlarm Internet Security Suite, ZoneAlarm Pro, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. The products are used for perimeter security, internal security, web security, high-end security, firewalls, virtual private networks or VPN, network management, endpoint security, and security alert services.

| go to top |

Disclaimer: McGallen & Bolden cannot be held liable for any information issued on behalf of its client and any delay its receipt. Any appearance of information on our site does not constitute our endorsement of any of the clients, products or services. We will not be liable or held responsible for any subsequent publishing or distribution by third parties any of these information of clients.
Microwire.info, the visual identity and other related content, are trademarks of McGallen & Bolden Group.
Copyright© 2005-2010 McGallen & Bolden Group. All rights reserved. Legal Notice.