===========================================================================
AUSCERT Security Bulletin

ASB-2018.0112
VirusScan Enterprise 8.8 for Windows update fixes McTray elevation
with log files vulnerability (CVE-2018-6674)
10 May 2018
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              McAfee VirusScan Enterprise
Operating System:     Windows
Impact/Access:        Increased Privileges -- Existing Account
Resolution:           Patch/Upgrade
CVE Names:            CVE-2018-6674
Member content until: Saturday, June 9 2018

OVERVIEW

McAfee has addressed a security vulnerability in VirusScan Enterprise
for Windows. [1]

IMPACT

McAfee has provided the following information regarding the
vulnerability:

"CVE-2018-6674
Gain Privilege vulnerability in Microsoft Windows client in McAfee
VirusScan Enterprise (VSE) 8.8 allows local users to view configuration
information in plain text format via the GUI or GUI terminal commands.

NOTE: The following links were not yet populated with CVE details at
the time of publication of this Security Bulletin.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6674

Although the vulnerability level score is medium, the fact that the
attacker needs access to the physical machine with Admin privileges
makes the risk of an exploitation generally low." [1]

MITIGATION

McAfee advises installing VSE for Windows Patch 11 to resolve this
vulnerability. [1]

REFERENCES

[1] McAfee Security Bulletin - VirusScan Enterprise 8.8 for Windows
    update fixes McTray elevation with log files vulnerability
    (CVE-2018-6674)
    https://kc.mcafee.com/corporate/index?page=content&id=SB10237

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the
information described is the responsibility of each user or
organisation. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user
or organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business
                hours which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================