If the directory configuration for the AutoUpdate feature defined in the registry is not protected against unwanted access, an intruder could insert a SETUP.EXE file that would run during normal update processing under the security context of the Administrator account.
In order for an exploit to be possible, an intruder would have to have valid files associated with AutoUpdate in the configured directory. Required files include PkgDesc.Ini, Setup.ISS, and an executable named Setup.EXE.
VENDOR RESPONSE
According to the discoverer NAI is aware of the matter and
has suggested that users tighten permissions as detailed in the Administrator"s Guide
associated with the software.
|
Netshield 4.5 and VirusScan 4.5 AutoUpgrade Expose System
0 comments
Hide comments