If you happen to use Pattern Micro Apex One, you must know that the third-party Antivirus uninstaller characteristic might have a safety gap. This flaw might make it doable for random code to be run.
Although the Nationwide Vulnerability Database (NVD) hasn’t confirmed how unhealthy the issue is but, you need to be cautious and take the best steps to guard your system.
But it surely was additionally discovered that this safety gap is being utilized in the actual world (ITW). “Pattern Micro has seen not less than one ongoing try within the wild (ITW) to make the most of this vulnerability. Prospects are strongly urged to replace as quickly as doable.” Pattern Micro’s put up is learn.
Pattern Micro has put out a safety warning about methods to repair this drawback. Fear-Free Enterprise Safety (WFBS) and Fear-Free Enterprise Safety Companies (WFBSS) are additionally susceptible due to this flaw.
CVE-2023-41179 – Arbitrary Code Execution Vulnerability
Risk actors can use this gap to ship orders to endpoints which are susceptible. For an attacker to make the most of this flaw, they will need to have entry to the executive console on the goal machine.
If the exploit works, the attacker could possibly run instructions on the PC the place the safety agent is put in with system rights. Pattern Micro has given this vulnerability a rating of 9.1 (Important) for a way unhealthy it’s.
Affected Merchandise & Mounted in Variations
Product | Affected Model(s) | Platform | Mounted in Model* | Notes |
Apex One | 2019 (On-prem) | Home windows | SP1 Patch 1 (B12380) | Readme |
Apex One as a Service | SaaS | Home windows | July 2023 Month-to-month Patch (202307)Agent Model: 14.0.12637 | Readme |
Fear-Free Enterprise Safety(WFBS) | 10.0 SP1 | Home windows | 10.0 SP1 Patch 2495 | Readme |
Fear-Free Enterprise Safety Companies(WFBSS) | SaaS | Home windows | July 31, 2023Monthly Upkeep Launch |
Customers of those merchandise ought to change to the newest model of those merchandise in order that menace actors don’t make the most of this vulnerability.
Hold knowledgeable in regards to the newest Cyber Safety Information by following us on Google Information, Linkedin, Twitter, and Fb.