Solutions

Advisory issued on 11th May, 2021

Administrator May-11th, 2021 8:07 1 0

Description

Unquoted service path in K7 Consumer products allows local users to launch processes with elevated privileges.

List of affected products

K7 Consumer Products & K7 Endpoint Security Products

Fixed Versions

K7 Computing recommends that all customers update their products to the corresponding versions shown below:

K7 Ultimate Security (16.0.0103 or Higher) 

K7 Total Security (16.0.0103 or Higher) 

K7 Antivirus Premium (16.0.0103 or Higher) 

K7 Enterprise Security (14.2.0001 or Higher)

Acknowledgments

We would like to express our gratitude to "Andrei Saygo of Microsoft DSRE Red Team working with Microsoft Vulnerability Research (MSVR)" for reporting these vulnerabilities to us along with comprehensive details.

Vote

Was this article helpful?
1 out of 1 found this helpful