Security Advisories

FSC-2016-1: Multiple Issues with F-Secure SAFE for Mac

Description

Multiple issues were found in the Browsing Protection components of F-Secure SAFE for Mac.

Affected Products

Risk Level (Low/Medium/High/Critical): Low

  • F-Secure SAFE for Mac 15.0 - 16.1

Platforms

Risk Level (Low/Medium/High/Critical): Low

  • All supported platforms for the affected product

More Information

The Browsing Protection component and Banking Protection notification in F-Secure SAFE for Mac is exposed to multiple vulnerabilities. User interaction is required prior to exploitation. A successful exploitation will result in either Banking Protection notification being triggered on non-banking sites, malicious URL bypassing Browsing Protection block, clickjacking attempt leading to user clicking on malicious content unintentionally, or user being tricked to whitelist malicious URL within the product.

This advisory will be updated as additional information becomes available.

Fix Available

Product Versions Download
F-Secure SAFE for Mac 16.2 Download link: https://download.sp.f-secure.com/SE/F-Secure-Safe/latest/installer/f-secure-anti-virus-for-mac.mpkg

 

Credits

F-Secure Corporation would like to thank Juho Nurminen (@jupenur) for bringing these issues to our attention and for allowing us ample remediation time. 

Date Issued: 2016-05-03
Date Updated: 2016-05-03