To Customer Support To Customer Support

Kernel exploit discovered in macOS Webroot SecureAnywhere antivirus software

  • 13 September 2018
  • 11 replies
  • 59 views
TripleHelix
Rank
Userlevel 7
Badge +63
The severe memory corruption flaw permitted attackers to execute malware at the kernel level.
 
Full Story: https://www.zdnet.com/article/code-execution-bug-discovered-in-macos-webroot-secureanywhere-antivirus-software/
 
https://twitter.com/CVEnew/status/1039978374482014210
Daniel - Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station"

11 replies

ProTruckDriver
Rank
Userlevel 7
I hope Webroots on it and getting it fixed ASAP!
Late 2015 ~ 5K ~ 27 inch iMac ~ macOS Catalina 10.15.7 ~ Clone & Backup with: SuperDuper - Time Machine & iCloud. PWM: RoboForm.  "An Apple a Day, Keeps Microsoft Away." 
TripleHelix
Rank
Userlevel 7
Badge +63
@ should have a look at this!
Daniel - Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station"
TripleHelix
Rank
Userlevel 7
Badge +63
It's been Fixed since July 24th, 2018 so this article is a little late in reporting.
 
Mac Version 9.0.8.34 (Released July 24th, 2018)
 
Mac Version 9.0.8.34 (Released July 24th, 2018)
Fixed
  • MAC Vulnerability by hardening driver access to processes without root privileges. 
 
See here: http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
Daniel - Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station"
ProTruckDriver
Rank
Userlevel 7
@ wrote:
It's been Fixed since July 24th, 2018 so this article is a little late in reporting.
 
Mac Version 9.0.8.34 (Released July 24th, 2018)
 
Mac Version 9.0.8.34 (Released July 24th, 2018)
Fixed
  • MAC Vulnerability by hardening driver access to processes without root privileges. 
 
See here: http://answers.webroot.com/Webroot/ukp.aspx?pid=10&app=vw&vw=1&login=1&json=1&solutionid=2022
 

Excellent!
Late 2015 ~ 5K ~ 27 inch iMac ~ macOS Catalina 10.15.7 ~ Clone & Backup with: SuperDuper - Time Machine & iCloud. PWM: RoboForm.  "An Apple a Day, Keeps Microsoft Away." 
M
Rank
@ wrote:
It's been Fixed since July 24th, 2018.
Yes, that was the bit that impressed me:
"Trustwave says that after reporting the issue, Webroot quickly resolved the vulnerability"
 
Just what you would expect from a reputable AV company :D
 
Ssherjj
Rank
Userlevel 7
Badge +62
Hi Webrooters!
 
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. 😢
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
TripleHelix
Rank
Userlevel 7
Badge +63
@ wrote:
Hi Webrooters!
 
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!
Daniel - Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station"
Ssherjj
Rank
Userlevel 7
Badge +62
@ wrote:
@ wrote:
Hi Webrooters!
 
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!
Thank you Daniel! I thought I read that this vulnerability was fixed in July. 
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
TripleHelix
Rank
Userlevel 7
Badge +63
@ wrote:
@ wrote:
@ wrote:
Hi Webrooters!
 
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!
Thank you Daniel! I thought I read that this vulnerability was fixed in July. 
I don't know why ZDNet would post that article today if it happened a couple of months ago??? It's Stupid IMO like old news. :@
 
By Charlie Osborne for Zero Day | September 13, 2018 -- 12:00 GMT (05:00 PDT) | Topic: Security
Daniel - Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station"
Ssherjj
Rank
Userlevel 7
Badge +62
@ wrote:
@ wrote:
@ wrote:
@ wrote:
Hi Webrooters!
 
This stinks! Makes you wonder now if Webroot can protect the Mac after seeing this vulnerability happen. ;(
It has been fixed since July 24th https://community.webroot.com/t5/Webroot-in-the-News/Kernel-exploit-discovered-in-macOS-Webroot-SecureAnywhere/m-p/328988#M16 so the Article is quite late in it's reporting in the link in the first post!
Thank you Daniel! I thought I read that this vulnerability was fixed in July. 
I don't know why ZDNet would post that article today if it happened a couple of months ago??? It's Stupid IMO like old news.
 
By Charlie Osborne for Zero Day | September 13, 2018 -- 12:00 GMT (05:00 PDT) | Topic: Security
Beats me Daniel. It got me nervous and jerky for awhile. I checked my Mac and I'm running 10.11 OS . Which is a good thing. I'm also not able to update, upgrade any further past that. 
Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sonoma (14.3.1}, Security: iPads, W 10 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
M
Rank
@ wrote:I don't know why ZDNet would post that article today if it happened a couple of months ago???
Because Trustwave only publically revealed their discovery of the security flaw today, as stated at the beginning of the article:
On Thursday, researchers from the Trustwave SpiderLabs team revealed the flaw, which impacts the macOS version of the software.
 
 
Also, see the Trustwave blog post they link to:
CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption
September 13, 2018        Neil Kettle       Comments (0)Trustwave recently discovered a locally exploitable issue in the macOS version of the Webroot SecureAnywhere solution. The issues root cause is an arbitrary user-supplied pointer being read from and potentially written too. As such, the issue arms an attacker with...
Read More 
 
Admittedly, the article is a bit misleading at the beginning (the news media are by their very nature as commercial organisations trying to attract attention to their articles with catchy headlines and introductions), but if you read it to the end it becomes clear.
 

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.