McAfee has installed two high-density bugs in its Agent component, one of which can allow attackers to access code unfairly via SYSTEM rights. It has linked two high-risk components to its Enterprise product that attackers can use to maximize rights, including up to SYSTEM.
According to a report, the bugs are in the pre-5.7.5 versions of McAfee Agent, used in Endpoint Security, among other products. A component of McAfee in the Political Orchestrator (McAfee in PO) that downloads and implements policies and performs client side functions such as feeds and reviews.
The Agent is also the event loading event and provides additional data about the status of each system. Collecting and sending event information from time to time on McAfee’s ePO server, Agent – who also installs and updates endpoint products – the required installation for any network system that needs to be managed.
Read More: https://threatpost.com/mcafee-bug-windows-system-privileges/177857/