Check Point IPS Solutions Secure Enterprise Networks from Latest Microsoft DNS Server Threats

Check Point Provides Preemptive Protection Against Latest Microsoft DNS Server Vulnerabilities

Redwood City, CA, March 10, 2009 -- Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced that users of Check Point IPS solutions, SmartDefense® Services, the newly introduced IPS Software Blade for Check Point Security Gateway R70, VPN-1® NGX R60 and above, VSX NGX R65, InterSpect NGX, IPS-1, and IPS-1 NGX R65, are shielded from two new Domain Name System (DNS) cache poisoning threats, CVE-2009-0233 and CVE-2009-0234, disclosed today.

Check Point IPS solutions customers gain immediate protection against the exploits.

Both vulnerabilities take advantage of how Microsoft DNS servers handle caching of queries and responses. By bombarding a DNS server (a large server that converts domain names into numeric IP addresses) with specially crafted queries, an attacker tricks the server into making unnecessary lookups rather than relying on outstanding queries and cached responses. Each unnecessary lookup gives the attacker another opportunity to insert an incorrect response into the DNS server’s cache. As a result, users can be redirected to a malicious site instead of the website they intended to visit.
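The following is an added illustration, not part of the original release and not Check Point's detection logic: a small defender-side check that replays resolver events and flags names for which the resolver had several lookups outstanding at once or received answers that matched no outstanding query. The event format, field names, thresholds and sample data are all assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed sample events (not real logs): (time_s, kind, qname, txid).
# "upstream_query" = the resolver sends a lookup; "response" = an answer arrives.
EVENTS = [
    (0.00, "upstream_query", "www.example.test", 0x1A2B),
    (0.01, "upstream_query", "www.example.test", 0x77C0),  # sent while the first is pending
    (0.01, "upstream_query", "www.example.test", 0x0E11),
    (0.02, "response", "www.example.test", 0x5555),        # matches no outstanding query
    (0.02, "response", "www.example.test", 0x5556),
    (0.03, "response", "www.example.test", 0x1A2B),        # legitimate answer
    (1.00, "upstream_query", "mail.example.test", 0x2222),
    (1.05, "response", "mail.example.test", 0x2222),
]


def analyse(events, max_outstanding=1, max_mismatch=1):
    """Return {qname: [reasons]} for names showing cache-poisoning symptoms.

    Thresholds are hypothetical defaults; tune them to the resolver's baseline.
    """
    outstanding = defaultdict(set)   # qname -> transaction IDs awaiting an answer
    peak = defaultdict(int)          # qname -> most lookups pending at one time
    mismatched = defaultdict(int)    # qname -> answers with an unknown txid

    for _, kind, qname, txid in sorted(events, key=lambda e: e[0]):
        if kind == "upstream_query":
            outstanding[qname].add(txid)
            peak[qname] = max(peak[qname], len(outstanding[qname]))
        elif kind == "response":
            if txid in outstanding[qname]:
                # Simplification: one accepted answer settles every pending lookup.
                outstanding[qname].clear()
            else:
                mismatched[qname] += 1

    alerts = {}
    for qname in sorted(set(peak) | set(mismatched)):
        reasons = []
        if peak[qname] > max_outstanding:
            reasons.append("duplicate_lookups")
        if mismatched[qname] > max_mismatch:
            reasons.append("mismatched_responses")
        if reasons:
            alerts[qname] = reasons
    return alerts


if __name__ == "__main__":
    print(analyse(EVENTS))
```
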

Check Point IPS solutions preemptively protect against the two new threats through a suite of DNS cache poisoning protections available since 2003. These preemptive protections are further strengthened by immediately available protections, capable of detecting specific attempts to exploit the newly announced vulnerabilities. Consequently, SmartDefense Services and IPS Software Blade solutions stop an attacker from flooding a DNS server with requests and inserting false, malicious information into a DNS server’s cache.

“At the heart of the Internet are DNS servers. We trust DNS servers to direct all applications that we use on the Internet to the right address, so any vulnerability affecting the integrity of DNS servers is of great concern,” said Oded Gonda, vice president of network security products at Check Point. “In less than a year there have been three major DNS exploits and more are likely to follow. Check Point’s preemptive protection technology allows businesses to gain immediate protection from threats that could unknowingly route them to malicious sites.”

Check Point IPS solutions provide intrusion prevention capabilities available on dedicated platforms or integrated into Check Point gateways. Check Point IPS products are updated by Check Point’s update services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies. Check Point protections are developed and distributed by Security Research and Response Centers located around the globe.

More information about the new vulnerabilities and Check Point IPS protections can be found at: http://www.checkpoint.com/defense/advisories/public/announcement/031009-...

Businesses interested in additional information on Check Point IPS solutions can visit: www.checkpoint.com/products/softwareblades/intrusion-prevention-system.html

Businesses interested in subscribing to Check Point SmartDefense Services can find more information at: www.checkpoint.com/defense/advisories/public/index.html

Source: Check Point Software Technologies Ltd.
