![]() ![]() Customers on ENS 10.7.0 should update to ENS 10.7.0 September 2021 Update.XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process. Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location. You can find details of the issues addressed on the cURL website. This update addresses multiple vulnerabilities, the highest of which are rated critical. cURL is a third-party library used in the product and was updated from 7.22 to the latest. ![]() These releases address two issues in McAfee Enterprise owned code, and an update to cURL library. To receive email notification when this Security Bulletin is updated, click Subscribe on the right side of the page. Install or update to ENS 10.7.0 and 10.6.1 September 2021 Update
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |