If you use protection software from WithSecure (F-Secure) under Linux, macOS or Windows, you should update the applications. If this is not done, attackers could disable protection components.
The products affected are F-Secure Atlant, F-Secure Internet Gatekeeper, F-Secure Linux Security (32 and 64 bit), WithSecure Cloud Protection for Salesforce and WithSecure Collaboration.
The software manufacturer assures that the three vulnerabilities (CVE-2022-28876 “high“, CVE-2022-28878 “medium“, CVE-2022-28879 “medium“) are now closed. The security patches (Capricorn database 2022-07-04_09, 2022-07-11_07) should install themselves automatically.
In all cases, a remote attacker could plant a specially crafted file on the scanners, the processing of which is intended to cause the scan engine to crash. According to WithSecure, it has not observed any attacks so far.
To home page