McAfee – Virus Scan security update

McAfee’s Virus Scan Enterprise (VSE) anti-virus software is vulnerable. The gap is in version 8.8. If you use the software under Windows, you should install the secured version 8.8 Patch 11. The gap should only be exploited by a local attacker. McAffe classifies the attack risk as “medium”. The emergency team of the BSI CERT Confederation disagrees and awards the risk assessment “high”. If an attack succeeds, an attacker could gain admin privileges. Responsible for this is the process McTray.exe. If this one runs with elevated privileges, an attacker could cause VSE to launch a new process that inherits the elevated privileges.