Serious Security Vulnerability Found In All McAfee Antivirus Editions (Nov 14, 2019)
SafeBreach Labs researchers reported a security vulnerability found in all versions of McAfee Total Protection (MTP), Anti-Virus Plus (AVP), and McAfee Internet Security (MIS). The lead researcher of the report, Peleg Hadar, explained that a malicious actor could exploit the vulnerability to achieve code execution, allowing the actor to execute malicious payloads while evading security checks. The vulnerability (CVE-2019-3648) was discovered in August 2019,
Recommendation: It is important that your company has patch-maintenance policies in place. Once a vulnerability has been reported on in open sources, threat actors will likely attempt to incorporate the exploitation of the vulnerability into their malicious operations. Patches should be reviewed and applied as soon as possible to prevent potential malicious activity.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.