Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0040 McAfee MVISION Endpoint update fixes a password protection bypass 25 January 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: McAfee MVISION Operating System: Windows Impact/Access: Unauthorised Access -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-3584 Member content until: Sunday, February 24 2019 OVERVIEW McAfee MVISION Endpoint update fixes a password protection bypass. IMPACT McAfee has provided the following information about the vulnerability: "Self-protection was being disabled before the uninstall password prompt was called, leaving the policies file unprotected. CVE-2019-3584 Exploitation of Authentication vulnerability in McAfee MVISION Endpoint prior to 1811 Update 1 (18.11.31.62) allows authenticated users with administrator rights to remove MVISION Endpoint through unspecified vectors." [1] MITIGATION The following update has been made available to resolve this issue: o MVISION Endpoint 18.11.31.62 (1811 Update 1). Workarounds None available. [1] REFERENCES [1] MVISION Endpoint update fixes a bypass of the password protection allowing uninstallation of the product https://kc.mcafee.com/corporate/index?page=content&id=SB10265 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXEqXQ2aOgq3Tt24GAQgQfA/6ApGXDQVfaJjk0DIbCl1oxwnA7l0uPOQK pbJ+OoWS1LCeLj2YyyRM4Sgu7ePIKVSuXqLHh+tRZ2nUgt9j2F8om+5Nb1CUjgh0 dWqvJezT9SUxyHn6PmyiNWK4fpkGIgHyKyyQ9kRWUIoulpFXdO5PyJYdLY/NfOwm oEurGN8bQJoGKkp/XhaLlgh9M/Rf7nl8/bf9y2gyaWg5v3WZ3GRMNigI/5QLuxbT r+P0VBr2oWpzml4NXVN8lUab7mr5wLxKNu3edcS8mCeOmRjeN5mIQsJZaGkjRWnu SFN3pclhg3CYKh+v0KikJ+TREfU9hgFPfg3q/0Xc2f8IoagqY5KBQfqpqOr6crSh cMqjXKE9aa991/V3d9E+MSRk+Stjlyk8mQXJzrPCeSu5M3Snz24pNwrRkxsf2cfZ D5ByxtQCmJsKypaiYt/RCiKLR2d9/GGeaJKz9xvCTxzT5aSJvaimItL0v7r+zpgZ UoLnVkA/Js9JPgIwOkSEAX6DCEr493Hoo4mrL/b7ClyDHV6qSCz15BiQYntrO2F9 IWk05xoWfCcP1xgPFI5PisPktHW3OOmMLXwZ8h+PnRf/xxNw7Rc3CRtm8Aky8uHu StGKMnAlNOf+GTI1kcmGKeR0uWA2p80aG70CTvFPmOeKEDVYRM9qFKvb9YHp9xrD T0ZNx3VRUX8= =3vjK -----END PGP SIGNATURE-----