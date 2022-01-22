Trellix, formerly McAfee Enterprise., announced today that it has fixed a bug in software McAfee Agent for Windows. The vulnerability allowed attackers to increase system account privileges, in addition to opening the way for arbitrary code execution, that is, giving full control of the device to criminals, on the machines where the program is installed.

McAfee Agent is one of the components of McAffe ePolicy Orchestrator, software used to control the defense of corporate environments and networks. The Agent, in particular, is focused on providing and configuring security policies in endpoints. In addition, it is also responsible for downloading updates for all other programs in the solution.

The flaw in question, documented as CVE-2022-0166, was discovered by cybersecurity analyst Will Dormman, and has been fixed in the 5.7.5 update for McAfee Agent released Tuesday. The vulnerability can be exploited in all previous versions of the software, and therefore the company advises that the new version be installed as soon as possible.

The Danger of McAfee Failure

The flaw, if exploited by attackers, makes it possible to infect the system with various viruses, in addition to escalating the privileges of the hacked accounts to the highest level of Windows authorization, allowing criminals to take complete control of the machine. In addition, it can also be used to hide potential malicious actors on the device.

The update can be downloaded from the McAfee website, or installed directly from the application’s menu.