cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

Check Point VPN client 'home page' still links to insecure version

The Check Point VPN client 'home page', available here:

https://www.checkpoint.com/products/remote-access-vpn/

 

Still links to E81.20 which is susceptible to a local privileged escalation flaw published in CVE-2019-8461.

 

Surely this should have been updated to reference the following URL 4 days ago?

Enterprise Endpoint Security E81.30 Windows Clients:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

 

Regards

David Herselman

0 Kudos
3 Replies
Highlighted
Gold

Re: Check Point VPN client 'home page' still links to insecure version

Highlighted

Re: Check Point VPN client 'home page' still links to insecure version

Thanks Wolfgang, that does explain the details. I still think Check Point should maintain both the actual home page (which requires a Check Point account) and the 'home page' that users would find via a 'check point vpn client' Google search, to both reference the latest publicly available version.

 

Google search:

https://www.checkpoint.com/products/remote-access-vpn/ references E81.20

 

Official home page:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... references E81.30

 

 

If this flaw primarily affects new installations, then the most commonly referred to download link should reference the version which provides protection, no?

 

 

Regards

David Herselman

0 Kudos
Highlighted
Admin
Admin

Re: Check Point VPN client 'home page' still links to insecure version

Hi, thanks for bringing this to our attention.
I'll let the team who manages checkpoint.com know to point to the later version of the client.
0 Kudos