The severe memory corruption flaw permitted attackers to execute malware at the kernel level.
Full Story: https://www.zdnet.com/article/code-execution-bug-discovered-in-macos-webroot-secureanywhere-antivirus-software/
https://twitter.com/CVEnew/status/1039978374482014210
Page 1 / 1
I hope Webroots on it and getting it fixed ASAP!
It's been Fixed since July 24th, 2018 so this article is a little late in reporting.
Mac Version 9.0.8.34 (Released July 24th, 2018)
Mac Version 9.0.8.34 (Released July 24th, 2018)
Fixed
See here: http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
Mac Version 9.0.8.34 (Released July 24th, 2018)
Mac Version 9.0.8.34 (Released July 24th, 2018)
Fixed
- MAC Vulnerability by hardening driver access to processes without root privileges.
See here: http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
@ wrote:
It's been Fixed since July 24th, 2018 so this article is a little late in reporting.
Mac Version 9.0.8.34 (Released July 24th, 2018)
Mac Version 9.0.8.34 (Released July 24th, 2018)
Fixed
- MAC Vulnerability by hardening driver access to processes without root privileges.
See here: http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
Yes, that was the bit that impressed me:@ wrote:
It's been Fixed since July 24th, 2018.
"Trustwave says that after reporting the issue, Webroot quickly resolved the vulnerability"
Just what you would expect from a reputable AV company :D
Hi Webrooters!
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. 😢
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. 😢
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!@ wrote:
Hi Webrooters!
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
Thank you Daniel! I thought I read that this vulnerability was fixed in July.@ wrote:
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!@ wrote:
Hi Webrooters!
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
I don't know why ZDNet would post that article today if it happened a couple of months ago??? It's Stupid IMO like old news. :@@ wrote:
Thank you Daniel! I thought I read that this vulnerability was fixed in July.@ wrote:
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!@ wrote:
Hi Webrooters!
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
By Charlie Osborne for Zero Day | September 13, 2018 -- 12:00 GMT (05:00 PDT) | Topic: Security
Beats me Daniel. It got me nervous and jerky for awhile. I checked my Mac and I'm running 10.11 OS . Which is a good thing. I'm also not able to update, upgrade any further past that.@ wrote:
I don't know why ZDNet would post that article today if it happened a couple of months ago??? It's Stupid IMO like old news.@ wrote:
Thank you Daniel! I thought I read that this vulnerability was fixed in July.@ wrote:
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!@ wrote:
Hi Webrooters!
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
By Charlie Osborne for Zero Day | September 13, 2018 -- 12:00 GMT (05:00 PDT) | Topic: Security
Because Trustwave only publically revealed their discovery of the security flaw today, as stated at the beginning of the article:@ wrote:I don't know why ZDNet would post that article today if it happened a couple of months ago???
On Thursday, researchers from the Trustwave SpiderLabs team revealed the flaw, which impacts the macOS version of the software.
Also, see the Trustwave blog post they link to:
CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption
September 13, 2018 Neil Kettle Comments (0)Trustwave recently discovered a locally exploitable issue in the macOS version of the Webroot SecureAnywhere solution. The issues root cause is an arbitrary user-supplied pointer being read from and potentially written too. As such, the issue arms an attacker with...
Read More
Admittedly, the article is a bit misleading at the beginning (the news media are by their very nature as commercial organisations trying to attract attention to their articles with catchy headlines and introductions), but if you read it to the end it becomes clear.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.