Technical Support

Need help?

 

Installation of files with non-secure permissions in Corporate products

Information applies to:

Products
Panda for Desktops
Panda for File Servers (Windows)

Operating systems
Windows 2000 ProfessionalWindows XP (32-bit Edition)
Windows 2000 ServerWindows XP (64-bit Edition)
Windows Server 2003Windows Server 2008
Windows Vista (32-bit Edition)Windows 7 (32-bit Edition)
Windows Vista (64-bit Edition) Windows 7 (64-bit Edition)

Situation

A vulnerability has been detected in the installation of Corporate Software Solution products which gives Full Control permissions over the program's installation directory files.

Consequently, a local user without the necessary privileges could replace the files with malicious executable files and run arbitrary code with SYSTEM privileges.

Solution

To resolve the local privilege escalation problems, Panda Security has developed a hotfix. Follow the steps below to apply it:

  1. Download the hotfix for your operating system:
  2. Save the file to your hard disk; to the Windows Desktop, for example.
  3. Run the downloaded file. You can do this by double-clicking the file to apply the hotfix.
  4. Check that the incident has been resolved.

Panda Security would like to thank researcher Nikolas Sotiriu for working responsibly with us and for his constant effort to improve security.

Help nº- 20130111 40061 EN

Have you resolved your query with this article?

yes no

Thanks for your answer


Why didn't you find it helpful?


The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.




Talk to a technician!

 

Business hours: Mondays-Fridays 9:00 to 18:00 CET

Outside business hours, please use the online form.





ALWAYS ONLINE TO HELP YOU TWITTER FORUM CHAT
ALWAYS ONLINE TO HELP YOU TWITTER FORUM CHAT