Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Unpatched Microsoft IIS exploit protection

Check Point : 08 September, 2009  (New Product)
Check Point's IPS products provide protection from exploits that have not yet been patched by Microsoft
Check Point Software Technologies has announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability. Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company's systems.

Although no Microsoft patch is currently available for this vulnerability, Check Point Security Gateway R70 customers using the IPS Software Blade are automatically protected. No action is required if they are using the "Recommended Profile" setting.

Check Point VPN-1 NGX R65, VSX NGX R65 and IPS-1 NGX R65 customers also have existing protections and should check they are activated. See threat reference CPAI-2009-153 for more information at the Check Point web site.

Microsoft Internet Information Services (IIS) is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network. The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command. The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet. Enterprise users at risk for this vulnerability have either IIS 5.0, IIS 5.1, or IIS 6.0.

"Exploit code of this vulnerability is available in the wild, meaning hackers could take the code and use it to exploit IIS and remotely control a company's network," said Oded Gonda, vice president of network security products at Check Point. "Check Point's IPS products continue to provide protection against such vulnerabilities before they are even discovered, giving our customers the peace-of-mind that their systems are always secure."

Check Point's IPS Software Blade, IPS-1 appliances, and SmartDefense are supported by Check Point update services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies.

Based on the Software Blade architecture, Check Point IPS Software Blade provides complete, integrated, firewall intrusion prevention capabilities at multi-gigabit speeds, with preemptive threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more. Software Blades are independent and flexible security modules that enable companies to build a custom Check Point Security Gateway.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo