Advert.

Do NOT tell your scammer he is posted here, or report their accounts as it puts others at risk!

Kernel exploit discovered in macOS Webroot SecureAnywhere

Did you read about scams in the papers, or see it on TV? Let us know.

Kernel exploit discovered in macOS Webroot SecureAnywhere

Unread postby SlapHappy » Thu Sep 13, 2018 5:58 pm

https://www.zdnet.com/article/code-exec ... -software/

Kernel exploit discovered in macOS Webroot SecureAnywhere antivirus software
The severe memory corruption flaw permitted attackers to execute malware at the kernel level.

Charlie Osborne
By Charlie Osborne for Zero Day | September 13, 2018 -- 12:00 GMT (05:00 PDT) | Topic: Security

1
9
A severe vulnerability discovered in the Webroot SecureAnywhere antivirus software allows attacks to take place at the kernel level.


On Thursday, researchers from the Trustwave SpiderLabs team revealed the flaw, which impacts the macOS version of the software.

Webroot's SecureAnywhere solution is a paid endpoint protection program which offers "full-scale antivirus security at an affordable price."

The vulnerability, CVE-2018-16962, is a memory corruption bug which has been caused by an arbitrary user-supplied pointer which can be read from and "potentially written too," according to Trustwave.

If particular conditions in the memory function of SecureAnywhere are met, attackers are gifted with a write-what-where kernel opening, allowing them to execute arbitrary code in this core element.

The saving grace with this kernel-level attack is that threat actors need local access to exploit the security flaw.

If the vulnerability had permitted remote attacks, this would have been far more serious and would have given cyberattackers an almost limitless means to compromise the software.

"While macOS is an important target for attackers, the installation base of Windows still outpaces Mac," the researchers say, "It's also local only, not remote, so an attacker needs to be logged into a vulnerable Mac or convince a logged-in user to open the exploit via social engineering."

Trustwave says that after reporting the issue, Webroot quickly resolved the vulnerability.

It is recommended that macOS users of Webroot SecureAnywhere enable automatic updates to receive the security patch or manually upgrade to version 9.0.8.34.

"The security of our customers is of paramount importance to Webroot," Chad Bacher, SVP of Product Strategy and Technology Alliances at Webroot told ZDNet. "This vulnerability was remedied in software version 9.0.8.34 which has been available for our customers since July 24, 2018."

"For any user running a version of Mac not currently supported by Apple (OS 10.8 or lower), we recommend upgrading to an Apple-supported version to receive our updated agent and be in line with cybersecurity best practices on system patching," the executive added.

Webroot is not aware of any compromises due to this vulnerability.
If anyone asks you for money on the Internet they are always a scammer, 100% of the time.
Blackmail Scammed? Go here: https://www.scamsurvivors.com/blackmail/#/
FAQ viewtopic.php?f=3&t=19
Victim of a scam? Go here: https://scamsurvivors.com/forum/viewtop ... =3&t=26504
User avatar
SlapHappy
Retired admin/co creator
 
Posts: 44968
Joined: Tue Apr 17, 2012 5:18 am
Location: Just a face in a magazine, watching you post your scammer's details.

Return to Media reports.

Who is online

Users browsing this forum: No registered users and 17 guests