The security solution McAfee Endpoint Security (ENS) is actually supposed to protect Windows computers. Due to three weak points, the opposite is now the case. Secure versions provide a remedy.

DoS and malicious code attacks Two of the gaps (CVE – 2020 – 7331 and CVE – 2020 – 7332) are with the threat level ” high “classified. If attackers successfully tackle the vulnerabilities, they could paralyze the protection software via DoS attacks or even execute malicious code on systems. These are the ENS versions 10. 6.1 and 10. 7.0 affected.

The loophole with the identifier CVE – 2020 – 7333 is classified as ” medium “. Here, attackers could execute their own scripts via XSS attacks. Only ENS 10 7.0 is susceptible to this. In the Windows versions 10. November 6th 2020 Update and 10 .7.0 November 2020 Update the developers have closed the gaps.

The warning message does not reveal what specific attacks might look like.

(des)