• 0 Record(s)
    We found results matching "0" in 0 ms
  • McAfee Antivirus Software Affected by Code Execution Vulnerability

    Dec. 23, 2019

    Researchers have discovered a serious code execution vulnerability that affects all editions of McAfee Antivirus software.


    On Tuesday, the SafeBreach Labs cybersecurity team announced that CVE-2019-3648 could bypass McAfee's self-defense mechanisms, which could lead to further attacks in a compromised system.


    The vulnerability exists when it is not possible to verify if the DLLs have been signed or not and when there is a path problem where wbemprox.dll tries to load wbemcomn.dll from the working directory and not from the actual location in the System32 folder.


    Therefore, all unsigned DLLs can be loaded into multiple services that run as NT AUTHORITY\SYSTEM.


    Attackers need administrator rights to exploit this vulnerability. However, if this is done because multiple software is running as a Windows service with system level privileges, any code execution may occur in the context of McAfee services.


    The error allowed attackers to load and execute a malicious load using services with multiple signatures in McAfee software. This feature can also be used to skip the white list of applications and prevent detection by protection software.


    In addition, malicious code can be configured to reload each time a service is started to maintain persistence in a vulnerable system.


    McAfee Total Protection, McAfee Anti-Virus Plus and Internet Security up to version 16.0.R22 included. Version 16.0.R22 Refresh 1 is released to close the vulnerability.


    The vulnerability was first reported to McAfee on August 5 through the HackerOne error platform. The cybersecurity provider responded on August 21 and then confirmed that the security issue was valid on September 3 after classification.


    Whokeys updates regularly the latest news for popular games every day. Don't forget to keep an eye on our daily newsletter for more information.

    CloseWelcome to whokeys Sign In.

    Not signed up yet?   Sign Up Now

    Log in with a third party account:

    • Google

    Open the whokeys APP

    Scan The code to login

    CloseWelcome to whokeys Sign Up.

    • Email Address *

      Please enter a valid Email.

    • Password*

      6 to 16 letters, numbers, and special characters.

    • Confirm Password*

    • First Name* Last Name*

    • I have read and agreed to the  
      Subscribe to whokeys Offers ,Contests&Newsletter.

    Already have an whokeys account?   Sign In Now

    Log in with a third party account

    • Google

    CloseForgot Password

    Close

    Prompt T698563:

    The programe has been successfully submitted to the system

    Close

    Prompt T698563:

    The programe has been successfully submitted to the system

    Close

    Prompt T698563:

    The programe has been This is a warning ?

    CloseSuccessful Registration

    Click here to set up your security question

    CloseSecurity verification