MEDIA CONTACT:
McGallen & Bolden PR
tel: +65-63246588
email

FOR IMMEDIATE RELEASE (For Asia Only)

Media Alert: Check Point Provides Protection Against Recently Discovered SSL Certificate Forgery Attack

Check Point updates its SmartDefense and IPS-1 products, through SmartDefense Services, to safeguard users against latest attack on Internet security infrastructure

SINGAPORE, January 8, 2009 - Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced that Check Point SmartDefense and IPS-1 protect its users against a recently discovered engineered attack that utilizes forged Secure Sockets Layer (SSL) certificates. SmartDefense and IPS-1 protections are available immediately for this attack.

Although difficult to exploit, the vulnerability could be used to impersonate any secure Web site on the Internet including banking and e-commerce sites. Mixing this vulnerability with DNS poisoning, hackers could easily launch nearly undetectable pharming attacks and silently misguide unsuspecting users to rogue Internet sites.

First revealed on Dec. 30, 2008, the attack leverages a weakness in the MD5 algorithm, which is used to sign SSL certificates that tie authentic corporate identities to corresponding Web site addresses and public encryption keys. Researchers were able to devise a way to manipulate an official Certificate Authority (CA) and launch an attack that would forge a rogue CA that then becomes trusted by all common browsers.

Check Point customers using Check Point SmartDefense Services, for both IPS-1 and SmartDefense in VPN-1 NGX R62/R65 and VSX NGX R65, can update their systems and activate a protection that will detect and block SSL connections to Web sites whose certificate may have been forged using this recently discovered attack. Customers are preemptively protected against DNS poisoning attacks if the relevant DNS protections were activated. Check Point's consumer browser security solution, ZoneAlarm ForceField, was also updated with new functionality to protect consumers against the threat.

"There are no straightforward fixes to this vulnerability unless the Certificate Authorities stop using MD5 and move to the more secure SHA-1 algorithm, which is why it is so important for organizations to have protection against this possible exploit," said Oded Gonda, vice president of network security products at Check Point.

Check Point SmartDefense provides intrusion prevention capabilities that are integrated into Check Point gateways. IPS-1 provides dedicated intrusion prevention capabilities. SmartDefense and IPS-1 are updated by SmartDefense Services, which provide ongoing and real-time updates and configuration advisories for defenses and security policies. SmartDefense and IPS-1 protections are developed and distributed by SmartDefense Research and Response Centers located around the globe.

More information about the attack, SmartDefense and IPS-1 protections can be found at Check Point's Security Research and Response Web site: http://www.checkpoint.com/defense/advisories/public/2009/cpai-31-Dec.html


About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is the leader in securing the Internet. Check Point offers total security solutions featuring a unified gateway, single endpoint agent and single management architecture, customized to fit customers' dynamic business needs. This combination is unique and is a result of our leadership and innovation in the enterprise firewall, personal firewall/endpoint, data security and VPN markets. Check Point's pure focus is on information security. Through its NGX platform, Check Point delivers a unified security architecture to protect business communications and resources, including corporate networks and applications, remote employees, branch offices and partner extranets. The company also offers market-leading endpoint and data security solutions with Check Point Endpoint Security products, protecting and encrypting sensitive corporate information stored on PCs and other mobile computing devices. Check Point's award-winning ZoneAlarm solutions protect millions of consumer PCs from hackers, spyware and identity theft. Check Point solutions are sold, integrated and serviced by a network of Check Point partners around the world and its customers include 100 percent of Fortune 100 companies and tens of thousands of businesses and organizations of all sizes.

Copyright(c)2009 Check Point Software Technologies Ltd. All rights reserved.




Search engines:


Check Point site

Keyword terms for page: Check Point Software Technologies Ltd. - Products include Check Point, AlertAdvisor, Application Intelligence, Check Point Express, Check Point Express CI, the Check Point logo, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement, Cooperative Security Alliance, CoSa, DefenseNet, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless Security, Integrity SecureClient, InterSpect, IPS-1, IQ Engine, MailSafe, NG, NGX, Open Security Extension, OPSEC, OSFirewall, Policy Lifecycle Management, Provider-1, Safe@Home, Safe@Office, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL, SecureXL Turbocard, Sentivist, SiteManager-1, SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro, SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advisor, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SofaWare, SSL Network Extender, Stateful Clustering, TrueVector, Turbocard, UAM, UserAuthority, User-to-Address Mapping, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-1 Power, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VSX, Web Intelligence, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus, ZoneAlarm Internet Security Suite, ZoneAlarm Pro, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. The products are used for perimeter security, internal security, web security, high-end security, firewalls, virtual private networks or VPN, network management, endpoint security, and security alert services.

| go to top |

Disclaimer: McGallen & Bolden cannot be held liable for any information issued on behalf of its client and any delay its receipt. Any appearance of information on our site does not constitute our endorsement of any of the clients, products or services. We will not be liable or held responsible for any subsequent publishing or distribution by third parties any of these information of clients.
Microwire.info, the visual identity and other related content, are trademarks of McGallen & Bolden Group.
Copyright© 2005-2009 McGallen & Bolden Group. All rights reserved. Legal Notice.