Multiple issues were found in the Browsing Protection components of F-Secure SAFE for Mac.
The Browsing Protection component and Banking Protection notification in F-Secure SAFE for Mac is exposed to multiple vulnerabilities. User interaction is required prior to exploitation. A successful exploitation will result in either Banking Protection notification being triggered on non-banking sites, malicious URL bypassing Browsing Protection block, clickjacking attempt leading to user clicking on malicious content unintentionally, or user being tricked to whitelist malicious URL within the product.
This advisory will be updated as additional information becomes available.
Product | Version | Download |
---|---|---|
F-Secure SAFE for Mac |
16.2 | Download link: https://download.sp.f-secure.com/SE/F-Secure-Safe/latest/installer/f-secure-anti-virus-for-mac.mpkg |
F-Secure Corporation would like to thank Juho Nurminen (@jupenur) for bringing these issues to our attention and for allowing us ample remediation time.
Date Issued: 2016-05-03
Date Updated: 2016-05-03