Check Point IPS Solutions

Check Point Software Technologies Ltd, the worldwide leader in securing the Internet, today announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability.

Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company’s systems.

Although no Microsoft patch is currently available for this vulnerability, Check Point Security Gateway R70 customers using the IPS Software Blade are automatically protected.

No action is required if they are using the “Recommended Profile” setting.

Check Point VPN-1 NGX R65, VSX NGX R65 and IPS-1 NGX R65 customers also have existing protections and should check they are activated. See threat reference CPAI-2009-153 for more information at: http://www.checkpoint.com/defense/advisories/public/2009/cpai-03-Augb.html

Microsoft Internet Information Services (IIS) is a collection of Internet services packaged with several versions of the Windows operating system.

IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network.

The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command.

The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet.

Enterprise users at risk for this vulnerability have either IIS 5.0, IIS 5.1, or IIS 6.0.

“Exploit code of this vulnerability is available in the wild, meaning hackers could take the code and use it to exploit IIS and remotely control a company’s network,” said Oded Gonda, vice president of network security products at Check Point.

“Check Point’s IPS products continue to provide protection against such vulnerabilities before they are even discovered, giving our customers the peace-of-mind that their systems are always secure.”

Check Point’s IPS Software Blade, IPS-1 appliances, and SmartDefense are supported by Check Point update services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies.

Based on the Software Blade architecture, Check Point IPS Software Blade provides complete, integrated, firewall intrusion prevention capabilities at multi-gigabit speeds, with preemptive threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more.

Software Blades are independent and flexible security modules that enable companies to build a custom Check Point Security Gateway.

Businesses interested in additional information on Check Point’s IPS Software Blade can visit: www.checkpoint.com/products/softwareblades/intrusion-prevention-system.html