Check Point Software Patches Privilege Escalation Vulnerability

Check Point Software patched a vulnerability discovered in its Endpoint Security Initial Client software for Windows allowing potential attackers to escalate privileges and execute code using SYSTEM privileges.

The privilege escalation security flaw tracked as CVE-2019-8461 makes it possible for attackers to run malicious payloads using system-level privileges as well as evade anti-malware detection by bypassing application whitelisting, a technique commonly used to prevent the execution of either unknown or potentially malicious apps, Bleeping Computer reported.

Experts Comments

August 29, 2019
Todd Peterson
IAM evangelist
One Identity
Advanced Privileged Access Management solutions can help safeguard an organisation’s IT environment by protecting and securing backend resources which are accessed by administrators, whose credentials can be used to escalate privileges. Of course, patching this vulnerability is key to mitigating the problem. In addition, by using Privileged Session Management (PSM) to strategically limit command or application execution to only those necessary for given tasks or more tactically block.....Read More
Advanced Privileged Access Management solutions can help safeguard an organisation’s IT environment by protecting and securing backend resources which are accessed by administrators, whose credentials can be used to escalate privileges. Of course, patching this vulnerability is key to mitigating the problem. In addition, by using Privileged Session Management (PSM) to strategically limit command or application execution to only those necessary for given tasks or more tactically block critical commands and channels on the fly, organisations can minimise their risks of attackers gaining access. Long term, you can combine your PSM with Privileged Account Analytics which detect anomalies in the privileged users' behaviour. This helps to not only provide a baseline for what constitutes ‘normal’ activity, but also allows for visibility and action against unexpected deviations from the baseline.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.