CVE-2016-8008

Name of the Vulnerable Software and Affected Versions McAfee Security Scan Plus (SSP) version 3.11.376

Description A privilege escalation issue exists, allowing attackers to load a replacement version.dll file via McAfee McUICnt.exe onto a Windows system. This issue affects Windows 7 and Windows 10 systems.

Recommendations For McAfee Security Scan Plus (SSP) version 3.11.376, consider restricting access to the McUICnt.exe executable until a patch is available. As a temporary workaround, avoid using the version.dll file in sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.