McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges

McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM.

According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint Security, among other McAfee products.

The Agent is the piece of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces policies and executes client-side tasks such as deployment and updating.

Read more…
Source: ThreatPost