Check Point® Software Technologies Ltd. (Nasdaq:CHKP), the
worldwide leader in securing the Internet, today announced that Check
Point ZoneAlarm ForceField provides unique protection against a recently
discovered engineered attack that utilizes forged Secure Sockets Layer
(SSL) certificates. This type of attack could be used to impersonate any
secure Web site on the Internet including banking and e-commerce sites.
First revealed on Dec. 30, 2008, the attack leverages a weakness in the
MD5 algorithm, which is used to sign SSL certificates that tie authentic
corporate identities to corresponding Web site addresses and public
encryption keys. Researchers were able to devise a way to manipulate an
official Certificate Authority (CA) and launch an attack that would
forge a rogue CA that then becomes trusted by all common browsers.
Mixing this type of attack with DNS poisoning, a hacker could forge the
certificate signature and end users would believe they are on secure Web
sites (indicated by the padlock at the bottom of the screen), when in
fact they may be on a fake or pharming site.
“We have known for some time that MD5 is a relatively weak algorithm,
but with this new attack, MD5 exploits of this nature have moved from
theoretical to a realistic possibility, and that is significant,” said
Ben Khoushy, vice president of endpoint products at Check Point.
“Although the exploit is not easy to execute, it is still important for
security experts to take notice. That is why Check Point has put forth a
great amount of effort to add protective functionality to both its
enterprise and consumer security solutions, to keep our users safe from
this new threat.”
The new functionality is offered as a free update in ZoneAlarm
ForceField, Check Point’s consumer browser security solution, and
utilizes technology that maps links between domains and certificates,
while keeping a careful record of the sites a user visits. This offers
added protection against SSL certificate forgeries, which are at the
root of this attack. For enterprise customers, Check Point SmartDefense
and IPS-1 protections are also available immediately for this attack.
Built to fight the emerging classes of browser-based attacks, ZoneAlarm
ForceField includes additional security layers that augment its
virtualization capability, including heuristic anti-phishing, site
rating, and keylogger jamming, among other features. ForceField also
includes an optional "Privacy Mode" that erases all personal information
from the local PC after a Web browsing session to further protect
consumer privacy.
ZoneAlarm ForceField integrates seamlessly with Internet Explorer or
Firefox Web browsers. ForceField downloads quickly (less than 5mb) and
works in conjunction with any brand of antivirus, anti-spyware, firewall
and security suite product including the complete line of ZoneAlarm
solutions. ZoneAlarm ForceField is compatible with PCs only and supports
Windows XP and Windows Vista platforms. For more information or to
download ZoneAlarm ForceField visit www.zonealarm.com.
More information about the attack can be found at Check Point's Security
Research and Response Web site: http://www.checkpoint.com/defense/advisories/public/2009/cpai-31-Dec.html
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com)
is the leader in securing the Internet. Check Point offers total
security solutions featuring a unified gateway, single endpoint agent
and single management architecture, customized to fit customers’ dynamic
business needs. This combination is unique and is a result of our
leadership and innovation in the enterprise firewall, personal
firewall/endpoint, data security and VPN markets.
Check Point’s pure focus is on information security. Through its NGX
platform, Check Point delivers a unified security architecture to
protect business communications and resources, including corporate
networks and applications, remote employees, branch offices and partner
extranets. The company also offers market-leading endpoint and data
security solutions with Check Point Endpoint Security products,
protecting and encrypting sensitive corporate information stored on PCs
and other mobile computing devices. Check Point's award-winning
ZoneAlarm solutions protect millions of consumer PCs from hackers,
spyware and identity theft. Check Point solutions are sold, integrated
and serviced by a network of Check Point partners around the world and
its customers include 100 percent of Fortune 100 companies and tens of
thousands of businesses and organizations of all sizes.
©2009 Check Point Software Technologies Ltd. All rights reserved.