A remote code execution vulnerability exists in the way that Microsoft Silverlight handles pointers. The vulnerability could allow remote code execution if a user visit a specially crafted Web site that contains Silverlight content.

• Check Point Response
• Update Protection against Microsoft Silverlight Pointer Handling Memory Corruption Vulnerability (MS10-060) Release Date:

A remote code execution vulnerability exists in the Microsoft .NET Framework that can allow a specially crafted Microsoft .NET application or a specially crafted Silverlight application to access memory, leading to arbitrary unmanaged code execution.

• Check Point Response
• This is a local vulnerability that cannot be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists when Windows places incorrect access control lists (ACLs) on the registry keys for the Tracing Feature for Services. The vulnerability could allow an attacker to run code with elevated privileges. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists due to the way that the Tracing Feature for Services allocates memory when processing specially crafted long strings from the registry. An attacker who successfully exploited this vulnerability could run arbitrary code with system-level privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

A denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header. An attacker could exploit the vulnerability by sending the target system a small number of specially crafted packets, causing the affected system to stop responding.

• Check Point Response
• Check Point IPS Research Team is currently investigating this vulnerability and may issue a protection at a later date

An elevation of privilege vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of a specific input buffer. An attacker who successfully exploited this vulnerability could run arbitrary code with system-level privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• heck Point IPS Research Team is currently investigating this vulnerability and may issue a protection at a later date

A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Excel SXVI.iCache Validation Memory Corruption Vulnerability (MS10-057) Release Date:

A remote code execution vulnerability exists in the way that Microsoft Office Word handles malformed records inside a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection Microsoft Word sprmCMajority Record Parsing Remote Code Execution (MS10-056) Release Date:

A remote code execution vulnerability exists in the way that Microsoft Office Word parses rich text data. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection against Microsoft Word RTF Parsing Engine Memory Corruption Vulnerability (MS10-056) Release Date:

A remote code execution vulnerability exists in the way that Microsoft Office Word parses certain rich text data. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection against Microsoft Word RTF Data Parsing Buffer Overflow Vulnerability (MS10-056) Release Date:

A remote code execution vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file that includes a malformed record. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection against Microsoft Word HTML Linked Objects Memory Corruption Vulnerability (MS10-056) Release Date:

A remote code execution vulnerability exists in the way the Cinepak codec handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted media file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection against Microsoft Windows Cinepak Codec Remote Code Execution Vulnerability (MS10-055) Release Date:

An unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a computer running the Server service. An attacker who successfully exploited this vulnerability could take complete control of the system.

• Check Point Response
• Update Protection against Microsoft SMB Server Pool Overflow Remote Code Execution Vulnerability (MS10-054) Release Date:

A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a computer running the Server service.

• Check Point Response
• Update Protection against Microsoft SMB Server Variable Validation Denial of Service Vulnerability (MS10-054) Release Date:

A denial of service vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB compounded requests. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a computer running the Server service.

• Check Point Response
• Update Protection against Microsoft SMB Stack Exhaustion Denial of Service Vulnerability (MS10-054) Release Date:

An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page and then interacts with the browser window using the mouse.

• Check Point Response
• Update Protection against Microsoft Internet Explorer Event Handler Information Disclosure Vulnerability (MS10-053) Release Date:

A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Internet Explorer Location Uninitialized Memory Corruption Vulnerability (MS10-053) Release Date:

A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Internet Explorer boundElements Uninitialized Memory Corruption Vulnerability (MS10-053) Release Date:

A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that may have been corrupted due to a race condition. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Internet Explorer Refresh Race Condition Memory Corruption Vulnerability (MS10-053) Release Date:

A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Internet Explorer Parent Style Uninitialized Memory Corruption Vulnerability (MS10-053) Release Date:

A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Internet Explorer Table HTML Layout Memory Corruption Vulnerability (MS10-053) Release Date:

A remote code execution vulnerability exists in the way that Microsoft DirectShow MP3 filter handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted audio file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection against Microsoft MPEG Layer-3 Codecs Memory Corruption Vulnerability (MS10-052) Release Date:

A remote code execution vulnerability exists in the way that Microsoft XML Core Services handles HTTP responses. The vulnerability could allow remote code execution if a user browses a Web site that contains specially crafted content or opens specially crafted HTML e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

• Check Point Response
• Update Protection against Microsoft Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability (MS10-051) Release Date:

A remote code execution vulnerability exists in the way that Windows Movie Maker handles specially crafted project files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• Update Protection against Microsoft Windows Movie Maker Memory Corruption Vulnerability (MS10-050) Release Date:

A spoofing vulnerability exists in the TLS/SSL protocol, implemented in the Microsoft Windows SChannel authentication component. An attacker who successfully exploited this vulnerability would be able to introduce information on a TLS/SSL protected connection, effectively sending traffic spoofing the authenticated client. This security addresses a vulnerability previously discussed in Microsoft Security Advisory 977377.

• Check Point Response
• Preemptive Protection against TLS and SSL Spoofing Vulnerability Release Date:

A spoofing vulnerability exists in the TLS/SSL protocol, implemented in the Microsoft Windows SChannel authentication component. An attacker who successfully exploited this vulnerability would be able to introduce information on a TLS/SSL protected connection, effectively sending traffic spoofing the authenticated client. This security addresses a vulnerability previously discussed in Microsoft Security Advisory 977377.

• Check Point Response
• Security Best Practice: Protect Yourself from SSL and TLS Protocols Renegotiation Vulnerability (MS10-049) Release Date:

A remote code execution vulnerability exists in the way that SChannel on a client machine validates a certificate request message sent by the server. An attacker could host a specially crafted Web site that is designed to exploit these vulnerabilities through an Internet Web browser and then convince a user to view the Web site. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attackers Web site.

• Check Point Response
• Check Point IPS Research Team is currently investigating this vulnerability and may issue a protection at a later date

A denial of service vulnerability exists in the Windows kernel-mode drivers due to the improper validation of an argument passed to a system call. An attacker could exploit the vulnerability by running a specially crafted application causing the system to become unresponsive and automatically restart.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists due to the way the Windows kernel-mode drivers handle certain exceptions. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists because the Windows kernel-mode drivers do not properly allocate memory when making a copy from user mode. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists in Windows kernel-mode drivers due to improper validation of input passed from user mode. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists because Windows kernel-mode drivers do not properly validate all parameters when creating a new window. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists in the Windows Kernel due to the way the kernel deals with specific thread creation attempts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This is a local vulnerability that can not be reliably mitigated by a Network IPS device.

An elevation of privilege vulnerability exists in the Windows Kernel due to the way the kernel initializes objects while handling certain errors. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

• Check Point Response
• This vulnerability can not be reliably mitigated by a network IPS device.

A denial of service vulnerability exists in the way that the Windows kernel validates access control lists on kernel objects. An attacker could exploit the vulnerability by running a specially crafted application causing the system to become unresponsive and automatically restart.

• Check Point Response
• This vulnerability can not be reliably mitigated by a network IPS device.

A remote code execution vulnerability exists in affected versions of Microsoft Windows. The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. This update addresses a vulnerability previously discussed in Microsoft Security Advisory 2286198.

• Check Point Response
• Update Protection against Microsoft Windows Shell LNK File Remote Code Execution Vulnerability (MS10-046) Release Date: