Posts Tagged ‘Vulnerability in Outpost Security Suite’

Outpost logo

Vulnerability in Outpost Security Suite

This error makes it possible to bypass the security of the program.

According to the report, the independent expert on security by installing a computer package Agnitum Outpost Security Suite, set all the values ​​of proactive protection at the maximum level. That is, in his words, in this mode, no external device is determined by the system, and especially should not be installed. To do so, perform these steps to resolve the control panel software. However, contrary to the user, the system will detect and install the USB device.

The fact that, in the training mode proactive protection Outpost when a suspicious activity program asks the user for action. But if, after the conclusion of the message dialog lock the system (for example, by pressing Win + L), then the antivirus sees this as a license to perform the requested action.

As proof author presented the scheme of process automation. At run time, while blocking antivirus system icon indicates the transition from learning mode to “enable mode”, thus providing access to restricted features.

“For example, programs that do not explicitly forbidden to go online, will now come out,” – said the author.

According to him, this product features he reported to the manufacturer, but he ignored the notice, and the defect has not been fixed. Vulnerabilities present in versions 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842). (more…)