Security Advisories

FSC-2018-1: Multiple Memory Vulnerabilities

Description

Specially crafted IPC messages sent to the F-Secure components FSMA, FSSM and Gatekeeper can lead to denial of service or local privilege escalation.

Affected Products

Risk Level (Low/Medium/High/Critical): Medium

  • Client Security Standard / Premium version 12.32 and below
  • Client Security Standard / Premium version 13.00
  • Server Security Standard / Premium version 12.11 and below
  • Email And Server Security Standard / Premium version 12.11 and below
  • PSB Workstation 12.01.283 all versions (1-7)
  • PSB Email And Server Security version 12.10.280 and below

Platforms

  • Windows

More Information

Multiple memory vulnerabilities were discovered in the FSMA, FSSM and Gatekeeper components used in certain F-Secure products. These vulnerabilities can be triggered locally by an attacker without special privileges through specially-crafted inter-process communication (IPC) messages. A successful attack will result in denial of service of the anti-virus product or can lead to privilege escalation.

This issue was reported to F-Secure through the Vulnerability Reward Program. No known attack had been observed in the wild at the time of the advisory release.

Mitigating Factors

An attacker would require local code execution rights for successful exploitation. 

Fix Available

Product Versions Download
Client Security Standard / Premium 12.33

Steps to upgrade:

  1. Download the installer from: https://www.f-secure.com/en/web/business_global/downloads/client-security
  2. Import the installer into the Policy Manager console, then upgrade hosts with CS 12.32 using policy-based installation or by exporting the MSI package

For more details, please refer to the links below:

Client Security Standard / Premium 13.10

Steps to upgrade:

  1. Download the installer from: https://www.f-secure.com/en/web/business_global/downloads/client-security
  2. Import the installer into the Policy Manager console, then upgrade hosts with CS 13.00 using policy-based installation or by exporting the MSI package

Server Security Standard / Premium 12.12

Download and install from the weblink: https://www.f-secure.com/en/web/business_global/downloads/server-security

Email And Server Security Standard / Premium 12.12

Download and install from the weblink: https://www.f-secure.com/en/web/business_global/downloads/email-and-server-security

PSB Workstation 12.01.293

Fixed versions for PSB products will be available on the PSB portal download page.

PSB Email And Server Security 12.10.284

Fixed versions for PSB products will be available on the PSB portal download page.

Credits

F-Secure Corporation would like to thank ZombiE for bringing this issue to our attention. 

Date Issued: 2018-02-01