UNKNOWNCVE-2016-20059
IObit Malware Fighter 4.3.1 Unquoted Service Path Privilege Escalation
Platform
windows
Component
iobit-malware-fighter
IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges.
How to fix
Actualice IObit Malware Fighter a una versión corregida. La vulnerabilidad se debe a una ruta de servicio no entrecomillada, por lo que la actualización debería solucionar el problema al corregir la forma en que se manejan las rutas de servicio.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free