The locally exploitable issue has been fixed by Webroot

Sep 13, 2018 12:38 GMT

Trustwave SpiderLabs' security research team disclosed a Webroot SecureAnywhere vulnerability which allows attackers to run malicious code locally in kernel mode.

According to the advisory, the Webroot SecureAnywhere issue is locally exploitable, which means that any attack would have to rely on executing malware on the machine or on social engineering techniques that persuade logged-in users to run the exploit.

This makes it a somewhat less dangerous security flaw with a much narrower usage spectrum, seeing that without physical access to the compromised machine, attackers have to rely on the far slower and more time-consuming techniques detailed above.

The kernel-level memory corruption vulnerability described in Trustwave SpiderLabs' security research is caused by a user-supplied pointer that may be read from and/or written to.

Trustwave said that "as such, the issue arms an attacker with a write-what-where kernel gadget with the caveat that the original value of the memory referenced by the pointer must be equal to (int) -1."
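The pattern described above, modelled in user space as an added example (this is not Webroot's or Trustwave's code). The flat array, the handler names and the word indices are constructed for illustration, and the checked variant shows a generic mitigation, not Webroot's actual patch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model, all names hypothetical: one flat array of 32-bit words.
 * Words [0, USER_WORDS) belong to the caller; the rest stand in for kernel memory. */
#define USER_WORDS  8
#define TOTAL_WORDS 16
static int32_t mem[TOTAL_WORDS];

enum { REQ_OK, REQ_NOT_SENTINEL, REQ_BAD_ADDRESS };

/* Resets the model: every word is 0 except one user and one kernel word holding -1. */
static void reset_model(void)
{
    for (size_t i = 0; i < TOTAL_WORDS; i++) mem[i] = 0;
    mem[2]  = -1;   /* user-owned word */
    mem[12] = -1;   /* kernel-owned word */
}

/* Unchecked handler: trusts the caller's address, reads the word and
 * overwrites it only when it currently holds (int)-1. */
static int handle_unchecked(size_t addr, int32_t value)
{
    if (mem[addr] != -1) return REQ_NOT_SENTINEL;
    mem[addr] = value;
    return REQ_OK;
}

/* Checked handler: rejects any address outside the caller's own range before
 * touching memory. Real kernel code would go through the kernel's user-copy
 * routines (copyin/copyout on XNU) rather than dereference directly. */
static int handle_checked(size_t addr, int32_t value)
{
    if (addr >= USER_WORDS) return REQ_BAD_ADDRESS;
    return handle_unchecked(addr, value);
}

int main(void)
{
    reset_model();
    printf("unchecked, kernel word: %d\n", handle_unchecked(12, 0x41));
    reset_model();
    printf("checked,   kernel word: %d\n", handle_checked(12, 0x41));
    printf("checked,   user word:   %d\n", handle_checked(2, 0x41));
    return 0;
}
```

The unchecked handler changes the kernel-owned word because it happens to hold -1, while the checked handler refuses the request before reading it.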

Latest Webroot SecureAnywhere 9.0.8.34 version has been patched

As detailed in the report, Webroot was contacted and has issued a software patch for its Webroot SecureAnywhere security suite, which is designed to offer customers complete protection from identity theft and viruses.

"The security of our customers is of paramount importance to Webroot. This vulnerability was remedied in software version 9.0.8.34 which has been available for our customers since July 24, 2018. We have no evidence of any compromises from this vulnerability," said Webroot in a statement.

Thus, if you use Webroot SecureAnywhere on macOS and want to make sure that you are protected, update your security suite to the latest 9.0.8.34 release, which is patched against the CVE-2018-16962 kernel-level memory corruption vulnerability.

According to Webroot SecureAnywhere's developer, there are no known incidents where this locally exploitable issue has been used to compromise Macs.
