Check Point Software Patches Privilege Escalation Vulnerability

Check Point Software patched a vulnerability discovered in its Endpoint Security Initial Client software for Windows allowing potential attackers to escalate privileges and execute code using SYSTEM privileges.

The privilege escalation security flaw tracked as CVE-2019-8461 makes it possible for attackers to run malicious payloads using system-level privileges as well as evade anti-malware detection by bypassing application whitelisting, a technique commonly used to prevent the execution of either unknown or potentially malicious apps, Bleeping Computer reported.

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Todd Peterson
Todd Peterson , IAM evangelist
InfoSec Expert
August 29, 2019 3:32 pm

Advanced Privileged Access Management solutions can help safeguard an organisation’s IT environment by protecting and securing backend resources which are accessed by administrators, whose credentials can be used to escalate privileges.

Of course, patching this vulnerability is key to mitigating the problem. In addition, by using Privileged Session Management (PSM) to strategically limit command or application execution to only those necessary for given tasks or more tactically block critical commands and channels on the fly, organisations can minimise their risks of attackers gaining access.

Long term, you can combine your PSM with Privileged Account Analytics which detect anomalies in the privileged users\’ behaviour. This helps to not only provide a baseline for what constitutes ‘normal’ activity, but also allows for visibility and action against unexpected deviations from the baseline.

Last edited 2 years ago by Todd Peterson
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x