Suporte técnico

Como podemos ajudá-lo?

 

Installation of files with non-secure permissions in Corporate products

Informações se aplicam a:

Produtos
Panda for Desktops
Panda for File Servers (Windows)

Operating Operacionais
Windows 2000 ProfessionalWindows XP (32-bit Edition)
Windows 2000 ServerWindows XP (64-bit Edition)
Windows Server 2003Windows Server 2008
Windows Vista (32-bit Edition)Windows 7 (32-bit Edition)
Windows Vista (64-bit Edition) Windows 7 (64-bit Edition)

Situation

A vulnerability has been detected in the installation of Corporate Software Solution products which gives Full Control permissions over the program's installation directory files.

Consequently, a local user without the necessary privileges could replace the files with malicious executable files and run arbitrary code with SYSTEM privileges.

Solution

To resolve the local privilege escalation problems, Panda Security has developed a hotfix. Follow the steps below to apply it:

  1. Download the hotfix for your operating system:
  2. Save the file to your hard disk; to the Windows Desktop, for example.
  3. Run the downloaded file. You can do this by double-clicking the file to apply the hotfix.
  4. Check that the incident has been resolved.

Panda Security would like to thank researcher Nikolas Sotiriu for working responsibly with us and for his constant effort to improve security.

Número do artigo- 20130111 40061 EN
ESTAMOS SEMPRE ONLINE PARA AJUDÁ-LO TWITTER FÓRUM
ESTAMOS SEMPRE ONLINE PARA AJUDÁ-LO TWITTER FÓRUM