Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 3 Vote(s) - 3.67 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Check Point Software Discovered To Have Major Flaw:
#1
[Image: 1*TYAzzTJ60x-qg5N81ElU9A.png]


                           
                    A major vulnerability was discovered in Check Point's Endpoint Security software, that would allow a hacker elevated privileges. According to the researchers, the hole resided as a privilege escalation vulnerability within the software that focused the Check Point Endpoint Agent [CPDA.exe] and the Check Point Device Auxiliary Framework  [IDAFServerHostService.exe]

         The researchers also had this to say: 

         "We found that once the Check Point Device Auxiliary Framework Service (IDAFServerHostService.exe) was started, the IDAFServerHostService.exe signed process was executed as NT AUTHORITY\SYSTEM. Once executed, the service tries to load the atl110.dll Library (“ATL Module for Windows”) library… a missing DLL file from different directories within the PATH environment variable.

Ensure you add the following attribution link: https://latesthackingnews.com/2019/08/29...-security/ | Latest Hacking News"



         Because of the absence of a respective DLL, it was now possible for an attacker to write the missing DLL file and execute code. 


         The flaw was reported on August 1st, and was eventually patched up by having an updated version pushed out on August 27th, all users are urged to ensure they are running the updated version.
 

         Original article can be found here. [Original author: Abeerah Hashim]


         That was the news folks, have a good day, and stay safe out there.


         ---Mad-Architect 

         















                           
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Big Grin News Researchers Warn of High-Severity Dell PowerEdge Server Flaw Mr.Kurd 0 238 07-29-2020, 11:42 AM
Last Post: Mr.Kurd
Shocked News Unpatched Wormable Windows SMBv3 RCE Zero-day Flaw Leaked in Microsoft Security Updat Mr.Kurd 0 422 03-12-2020, 09:39 AM
Last Post: Mr.Kurd
Exclamation News NordVPN Patched a Flaw In Their Payments Platform That Exposed Users’ Details Mr.Kurd 0 389 03-09-2020, 05:34 PM
Last Post: Mr.Kurd
Star News Dell SupportAssist flaw exposes computers to hack Mr.Kurd 0 387 02-11-2020, 03:58 PM
Last Post: Mr.Kurd
  News New Vulnerability Discovered With PHP: NGiNX At Risk Mad-Architect 0 379 10-27-2019, 01:48 PM
Last Post: Mad-Architect
  News New Chinese Cyber Group Discovered: Mad-Architect 0 379 10-03-2019, 02:47 PM
Last Post: Mad-Architect
  News Stop paying for antivirus software Mr.Kurd 0 408 09-24-2019, 12:25 PM
Last Post: Mr.Kurd
  News Facebook Facing Yet More Scrutiny: Discovered Listening To Private Conversations Mad-Architect 0 355 08-17-2019, 02:29 PM
Last Post: Mad-Architect
  News Australian Cyber Spooks Hacked Islamic State Comms Before Major Battle Mad-Architect 0 434 03-27-2019, 08:46 AM
Last Post: Mad-Architect
  News FBI Informed Software Giant Citrix of a Security Breach Mad-Architect 0 490 03-09-2019, 11:57 AM
Last Post: Mad-Architect



Users browsing this thread: 1 Guest(s)