Skip to main content

McAfee Antivirus


Dangerous hole found in McAfee ePO antivirus central management suit















Intel Security’s McAfee has released a patch for a very  critical SQL injection flaw in e Policy Orchestrator or ePO, its admin console used to manage software and antivirus on tens of millions of enterprise devices worldwide web.
Cisco’s Talos security team has been  disclosed details of the issues in  today life, warning that anyone has on the web can send a specific  crafted HTTP POST in an SQL query that causes an ePO database to spill enough information to profile users or monitor IT infrastructure.
“An attacker can use any HTTP client to trigger this vulnerability,” Talos researchers said.
ePO is used by 30,000 enterprise customers worldwide, and is responsible for keeping 60 million devices secure, according to McAfee.
McAfee has given the bug the highest CVSS v3 Base score of 10.0, noting that the bug is not complex to exploit and doesn’t require user privileges or interaction.
Affected products include ePO 5.1.3 and earlier and ePO 5.3.2 and earlier. The company has released hotfix files to address the issue.
Security admins use the ePO console to centrally manage antivirus and software polices via software agents that are installed on endpoint devices. Talos researchers discovered that the bug can also be used to impersonate these agents and cause information disclosure.
Given ePO’s role in managing endpoint antivirus, the software is likely to be an attractive target to attackers. It serves as yet another reminder that flaws in security software can widen a user’s attack surface, as a former Mozilla engineer highlighted recently.
“Vulnerabilities  can permit deep insight into the organization without an attacking requiring any privileged access to the centralized platforms such as Active Directory, with this access an attacker can profile users and the infrastructure passively,” said Talos.
Talos says the vulnerability lies within the application server for ePO’s Apache Tomcat-based administrator management console. The server is reachable via the console directly, or by way of a custom protocol, known as SPIPE, that hands off communication between agents and the console.
Talos’ detailed writeup is available ,where it explains that to mitigate this attack ePO customers can shut off direct access to the console and limit it to SPIPE.
“To ensure that an attacker does not have direct access to the vulnerability and instead has to use just SPIPE as an agent, verify that port 8443 that the McAfee 






Comments

Popular posts from this blog

McAfee Internet protection: Manage Devices
When we are using Mcafee Productin our devices ,so this article will help you how to perform the mcafee products and manage the devices. 
At Optimum, we want to provide a safe Internet experience for our customers. That is why we have partnered with McAfee a security industry leader to provide Internet protection. McAfee is part of Intel Security. If you have not installed Internet protection McAfee click here.My Account PortalTo add or remove devices covered with your subscription to Internet protection, use the My Account portal. Settings for specific devices cannot be managed through the My Account portal, that is done within the Application Console.
Add Devices in My AccountSign in to the My Account portal going to Optimum.net/protectTo add a device, click the Download on the tab. You can protect up to 20 devices.Choose a product - you have a choice of PC/Laptop, Mac, Smartphone and TabletPC/Laptop and Mac have choices for McAfee Multi Access…
What are the steps to install mcafee using a mcafee livesafe retail card
In case, you have obtained McAfee retail card in store and looking to cash in this card to download and install this application on your PC and activate your card then no worries, McAfee support explains you all here in this blog today.Just follow these given steps and soon you’ll be enjoying the benefits of this card and will be able to secure your PC. In case, you face some issues on your PC then connect with an expert. You don’t have to worry anymore these are simple steps, even if you are not tech savvy despite that you can easily follow them.Steps to follow:Solution 1Activate your subscriptionFirst turn on your PC and connect it to a secured internet network and open your web browser and there you have to enter the URL you have on your card.Next, you need to choose language and country from its dropdown list.Note: when you register this page tries to choose your region automatically and might be possible that…
How to Activate Your McAfee Product /Redeem Your Retail Card :When ever we can use Mcafee Product in Our PC  , then we can easily activate our Mcafee product using these steps shown below :Follow these steps to redeem a McAfee software product card that you purchased or freeware .

After you redeem the card, you can download and install your McAfee software and activate your subscription.

Step -1 ) Open a web browser and go to the link shown on your retail card

Step -2 ) Select:
Your country and language.
The registration page tries to select the correct region, but it might not always get this right. Confirm that the region is correct before you continue.

Step -3 ) Type:
The activation code from your retail card.
Your Email Address.

Step -4 ) Click Submit.
When prompted, check that your Email Address is correct. If your email address is incorrect:
Click Edit to return to the previous screen.
Correct your email address.

Step -5 ) Click Verify.
Your subscription is now activated.

Step -6 ) Follow the …