VirusScan 8.0i – Patch 15

Posted on April 20, 2007 by

McAfee VirusScan Enterprise 8.0i Patch 11 and earlier

Exploit – Attacker would be able to abnormally stop On-Access scan or execute arbitrary code on the target computer.

NOTE: Virus Scan Enterprise 8.0i Patch 12 or later fixes this flaw, but the remediation steps below assume that you are installing Patch 15, so it will refer to VSE80P15.ZIP. As of 4/17/07, Patch 15 is the latest available patch for VSE 8.0i

Time to patch your VS8.0i installs again, this time with Patch13 (VSE80P15.Zip)

The good news is that in our site this has limited impact;

In order for this attack to work, the target computer must have East Asia language files installed, and the default Unicode codepage must be set to a language which contains multi-byte characters–such as Chinese.

IMPACT:
Our SOE AniVirus has moved on to VS8.5i so this will only apply to machines still on the 8.0i version

[1.] McAfee Security Bulletin – VirusScan Enterprise 8.0i Patch 12 or later fixes vulnerability of disabling On-Access scanning and possible arbitrary code execution [612750] [McAfee]

About these ads
This entry was posted in patch, security, soe, virusscan. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s