SSD Advisory – McAfee LiveSafe MiTM Registry Modification leading to Remote Command Execution Full report: http://ift.tt/2j3vQ1u Twitter: @SecuriTeam_SSD Weibo: SecuriTeam_SSD Vulnerabilities Summary The following advisory describes a Remote Code Execution found in McAfee McAfee LiveSafe (MLS) versions prior to 16.0.3. The vulnerability allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response. McAfee Security Scan Plus is a free diagnostic tool that ensures you are protected from threats by actively checking your computer for up-to-date anti-virus, firewall, and web security software. It also scans for threats in any open programs. Credit An independent security research company, Silent Signal, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response The vendor has released patches to address this vulnerability. For more information: http://ift.tt/2wdkzxD CVE: CVE-2017-3898
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment