Is the recent announcement of the Check Point vulnerability a major concern for their customers? Will it impact their decision in upgrading/choosing Check Point products in the future? Is the vulnerability as bad as it sounds?
Any vulnerability announcement for any product should be a major concern for the its users.
One of the two flaws is in a product that is not supported by Check Point. Users should have already upgraded, unless they like taking chances by using unsupported software. The upgraded product is not vulnerable to the flaw (at least it was found not to be by ISS). The other flaw, in the supported product, has a patch available from Check Point. As with any other product vulnerability, users should test the patch to see that it does not cause other problems and then install it on their operational systems.
As for choosing or upgrading Check Point products, all potential customers need to weigh all kinds of factors in choosing which products to buy. Price, capabilities and company reputation are all factors. Whether this will cause Check Point to lose marketshare is something that remains to be seen.
For more info on this topic, visit these SearchSecurity.com resources:
This was first published in February 2004