Security update for Check Point for SSL-VPN clients
Check Point has published a hotfix for a vulnerability in its Check Point Deployment Agent. The vendor has classified the vulnerability as high severity. If a client uses the SSL-VPN solutions SSL Network Extender (SNX), SecureWorkSpace or Endpoint Security On-Demand, attackers can use a specially crafted server to exploit the flaw – which the firm does not describe in greater detail – in order to inject malicious code onto the client and launch it with the user's rights.
In its advisory, Check Point describes two ways of solving the problem: admins can install the hotfix on a Check Point Gateway which will replace the Deployment Agent so that clients retrieve the update themselves upon the next contact; alternatively, users can visit a given URL to directly patch their software. For further details, see Checkpoint's advisory.