Israeli security software company Check Point Software Technologies, (Nasdaq: CHKP), last week alerted the popular open encyclopedia group Wikipedia that its software foundation has a critical vulnerability in its code that can affect thousands of its users.
The issue was discovered by Check Point security researchers who immediately notified the Wikipedia Foundation.
The vulnerability they discovered can allow a malicious attacker to perform remote code execution and appears to affect all versions of MediaWiki from version1.8 onwards.
After verifying that a serious problem had indeed been discovered by Check Point, the Wikipedia Foundation has now released a software update to correct the issue. Prior to the availability of a patch, any attacker could have injected malicious code into every page in Wikipedia.org, as well as into any other internal or Web-facing “wiki” site running on MediaWiki, its software platform.
The Foundation also recommended that all customers using its software platform apply the patch as soon as possible. At the same time, Check Point has delivered updated Intrusion Prevention System protections via “ThreatCloud” to detect and block attempts to exploit this vulnerability. ThreatCloud is Check Point’s collaborative network and cloud-driven knowledge base that delivers real-time dynamic security intelligence to security gateways.
A vulnerability with global impact
Check Point’s Vulnerability Research Group regularly performs assessments of commonly used software to ensure the security of Internet users worldwide.
MediaWiki is an extremely popular open-source Web platform used to create and maintain “wiki” Web sites, collaborative sites in which users are able to add, modify and delete content. Wikipedia.org itself is the sixth most visited web site in the world today, with more than 94 million unique visitors per month and 2 million other sites linking into it.
The MediaWiki platform also serves as the infrastructure for tens of thousands of other wiki Web sites, both facing out to the internet as well as internal, around the world.
An attacker who successfully exploits this particular vulnerability becomes able to perform remote code execution on the application server to gain complete control of the targeted system.
Since 2006, only two other such remote code execution vulnerabilities have ever been discovered in the MediaWiki platform. The vulnerability Checkpoint discovered therefore would have been highly prized by the hacker community, and quickly turned into attacks aimed at organizations, including those that have still to apply the new patch or implement other additional forms of defense, such as intrusion prevention.
Dorit Dor, Vice President of products at Check Point Software Technologies said, “It only takes a single vulnerability on a widely adopted platform for a hacker to infiltrate and wreak widespread damage. The Check Point Vulnerability Research Group focuses on finding these security gaps and deploying the necessary real-time protections to secure the Internet, ” adding:
“We’re pleased that the MediaWiki platform is now protected against attacks on this vulnerability, which would have posed great security risk for millions of daily “wiki” site users.”
Score one more for the good guys, in what is an ongoing battle. However stay alert everyone; the connected world we now all live in is not without issues; there are bad guys out there!
About Check Point
With a US$12 billion market capitalization, Israeli based Check Point Software Technologies is a world leader in securing the internet. The company’s products provide their customers with protection against all types of security threats and reduce the complexity of managing security as a business process.
Check Point was an industry pioneer with FireWall-1 and its patented state inspection technology. Today, Check Point continues to develop new innovations based on its proprietary Software Blade Architecture, providing customers with flexible and simple solutions that can be fully customized to meet the exact security needs of any organization.
Check Point is ahead of the curve as it elevates security to being another business process, of equal importance to every other business process. Check Point 3D Security uniquely combines policy, people and enforcement for greater protection of information assets and helps organizations implement a blueprint for security that aligns with business needs.
Today Check Point’s customers include many thousands of organizations around the globe, of all sizes, including all of the Fortune and Global 100 companies. Check Point’s award-winning ZoneAlarm solutions also protect millions of consumers as well from hackers, spyware and identity theft.