Topic: Antivirus Exposes Macs to Remote Code Execution via MitM Vulnerability

Quizmaster
« Reply #1 on: February 28, 2017, 01:53:19 PM »
Antivirus Exposes Macs to Remote Code Execution via MitM Vulnerability
28 February 2017, 1:37 pm

Mac users protecting their computers with ESET's antivirus software may be in for a rude awakening as researchers discovered a vulnerability that opens the computer to remote root execution via a man-in-the-middle attack.

Google's Jason Geffner and Jan Bee, members of the company's security team, published an advisory in which they detail how a root-level remote code execution could be performed on a Mac by intercepting the ESET antivirus package's connection to the backend servers. Then, by using a man-in-the-middle approach, the XML library hole could be exploited. 

"Vulnerable versions of ESET Endpoint Antivirus 6 are statically linked with an outdated XML parsing library and do not perform proper server authentication, allowing for remote unauthenticated attackers to perform arbitrary code execution as root on vulnerable clients," the advisory reads.

The ... (read more)

Source: Softpedia News / Security
