Home
-
CVE-2019-3585 - McAfee - Improper Privilege Management
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
-
Windows 7 ESU Patching Changelog
Update 2025-03-20
- Replaced February 2025 Monthly Update (KB5052016) with March 2025 Monthly Update (KB5053620) (x64 only).
- Updated Microsoft Time Stamp Root Certificate Authority 2014.crl.
- Updated Microsoft ECC Root Certificate Authority 2017.crl.
- Updated Microsoft RSA Root Certificate Authority 2017.crl.
- Updated MicRooCerAut_2010-06-23.crl.
-
CVE-2020-11443 - Zoom - Incorrect Permission Assignment for Critical Resource
The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the machine. As the installer runs with SYSTEM privileges and follows these links, a user can cause the installer to delete files otherwise not deletable by the user.
-
CVE-2020-7274 - McAfee - Improper Privilege Management
Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges.
-
CVE-2020-7255 - McAfee - Improper Privilege Management
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via a configuration error.