/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: Check Point Software Technologies Ltd., the worldwide leader in securing the Internet, today announced that Check Point IPS solutions shield customers against exploits associated with the FTP Service in Microsoft Internet Information Services vulnerability. Successful exploitation of this unpatched vulnerability could allow hackers to take over an affected company’s systems.
Although no Microsoft patch is currently available for this vulnerability, Check Point Security Gateway R70 customers using the IPS Software Blade are automatically protected. No action is required if they are using the “Recommended Profile” setting. Check Point VPN-1 NGX R65, VSX NGX R65 and IPS-1 NGX R65 customers also have existing protections and should check they are activated.
Microsoft Internet Information Services (IIS) is a collection of Internet services packaged with several versions of the Windows operating system. IIS includes a FTP server service for exchanging and manipulating files over a TCP computer network. The vulnerability is due to an error in IIS that fails to do sufficient bounds checking when processing an FTP NLST command. The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet. Enterprise users at risk for this vulnerability have either IIS 5.0, IIS 5.1, or IIS 6.0.
“Exploit code of this vulnerability is available in the wild, meaning hackers could take the code and use it to exploit IIS and remotely control a company’s network,” said Oded Gonda, vice president of network security products at Check Point. “Check Point’s IPS products continue to provide protection against such vulnerabilities before they are even discovered, giving our customers the peace-of-mind that their systems are always secure.”
Check Point’s IPS Software Blade, IPS-1 appliances, and SmartDefense are supported by Check Point update services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies. Check Point protections are developed and distributed by Check Point’s Security Research and Response Centers located around the globe.
Based on the Software Blade architecture, Check Point IPS Software Blade provides complete, integrated, next generation firewall intrusion prevention capabilities at multi-gigabit speeds, with preemptive threat coverage for clients, servers, OS and other vulnerabilities, malware/worm infections, and more. Software Blades are independent and flexible security modules that enable companies to select the functions they need to build a custom Check Point Security Gateway.