Red Security

Check Point Software Discovered To Have Major Flaw


                           
A major vulnerability was discovered in Check Point's Endpoint Security software that would allow a hacker to gain elevated privileges. According to the researchers, the hole was a privilege escalation vulnerability in the software, affecting the Check Point Endpoint Agent [CPDA.exe] and the Check Point Device Auxiliary Framework [IDAFServerHostService.exe].

         The researchers also had this to say: 

"We found that once the Check Point Device Auxiliary Framework Service (IDAFServerHostService.exe) was started, the IDAFServerHostService.exe signed process was executed as NT AUTHORITY\SYSTEM. Once executed, the service tries to load the atl110.dll Library (“ATL Module for Windows”) library… a missing DLL file from different directories within the PATH environment variable."

Source: https://latesthackingnews.com/2019/08/29...-security/ | Latest Hacking News



Because the respective DLL was absent, it was possible for an attacker to write the missing DLL file and execute code.


The flaw was reported on August 1st and was eventually patched with an updated version pushed out on August 27th. All users are urged to ensure they are running the updated version.
 

         Original article can be found here. [Original author: Abeerah Hashim]


         That was the news folks, have a good day, and stay safe out there.


         ---Mad-Architect
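
A defender's check for the condition described in this post, as an added example that is not part of the original post or any Check Point tooling: it lists machine-wide PATH directories where low-privileged groups can create files, and reports any copy of atl110.dll found there along with its signature status. The group list, the function name and the output labels are assumptions chosen for illustration; Deny entries are ignored for simplicity.

```powershell
# Added example: audit the machine PATH for directories where a DLL could be planted.
$dllName = 'atl110.dll'   # DLL name taken from the researchers' statement above
# Assumption: "low-privileged" = Everyone, Authenticated Users, BUILTIN\Users
$lowPriv = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'
$createFiles = [System.Security.AccessControl.FileSystemRights]::CreateFiles
$inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

function Test-LowPrivWritable {   # hypothetical helper name
    param([string]$Directory)
    foreach ($ace in (Get-Acl -LiteralPath $Directory).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries apply to children, not to the directory itself.
        if ($ace.PropagationFlags -band $inheritOnly) { continue }
        try {
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier]).Value
        } catch { continue }      # unresolvable account: skip
        if ($lowPriv -notcontains $sid) { continue }
        # Some entries carry raw GENERIC_WRITE (0x40000000) or GENERIC_ALL (0x10000000).
        $raw = [int]$ace.FileSystemRights
        if (($ace.FileSystemRights -band $createFiles) -or ($raw -band 0x50000000)) {
            return $true
        }
    }
    return $false
}

$dirs = [Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    Where-Object { $_ } |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_).Trim('"') } |
    Select-Object -Unique

foreach ($dir in $dirs) {
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        # A PATH entry that does not exist may be creatable by whoever can write its parent.
        Write-Output "MISSING   $dir"
        continue
    }
    if (Test-LowPrivWritable -Directory $dir) { Write-Output "WRITABLE  $dir" }
    $candidate = Join-Path $dir $dllName
    if (Test-Path -LiteralPath $candidate -PathType Leaf) {
        $sig = Get-AuthenticodeSignature -LiteralPath $candidate
        Write-Output "FOUND     $candidate  signature=$($sig.Status)"
    }
}
```

Any WRITABLE or MISSING line is worth tightening regardless of this particular bug, since any SYSTEM service that searches PATH for an absent DLL is exposed in the same way.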