![[Image: 1*TYAzzTJ60x-qg5N81ElU9A.png]](https://hackernoon.com/hn-images/1*TYAzzTJ60x-qg5N81ElU9A.png)
A major vulnerability was discovered in Check Point's Endpoint Security software, that would allow a hacker elevated privileges. According to the researchers, the hole resided as a privilege escalation vulnerability within the software that focused the Check Point Endpoint Agent [CPDA.exe] and the Check Point Device Auxiliary Framework [IDAFServerHostService.exe]
The researchers also had this to say:
"We found that once the Check Point Device Auxiliary Framework Service (IDAFServerHostService.exe) was started, the IDAFServerHostService.exe signed process was executed as NT AUTHORITY\SYSTEM. Once executed, the service tries to load the atl110.dll Library (“ATL Module for Windows”) library… a missing DLL file from different directories within the PATH environment variable.
Ensure you add the following attribution link: https://latesthackingnews.com/2019/08/29...-security/ | Latest Hacking News"
Because of the absence of a respective DLL, it was now possible for an attacker to write the missing DLL file and execute code.
The flaw was reported on August 1st, and was eventually patched up by having an updated version pushed out on August 27th, all users are urged to ensure they are running the updated version.
Original article can be found here. [Original author: Abeerah Hashim]
That was the news folks, have a good day, and stay safe out there.
---Mad-Architect
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
