Loading...
Skip to content
  • Log In
  • Contact Us
  • ServicePortal

Patch Resolves Advanced Threat Defense Vulnerability
 

(2/23/2017)
A vulnerability in Advanced Threat Defense (ATD) has been discovered and resolved.

AFFECTED SOFTWARE
  • ATD 3.6.x and earlier
REMEDIATED/PATCHED VERSIONS
The vulnerability is remediated in these versions:
  • ATD 3.8.0 and later  
IMPACT
  • CVE-2017-3899
    SQL Injection in ATD Linux 3.6.0 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter. The ATD 3.8.0 release resolves this vulnerability. Intel Security highly recommends that all customers upgrade to the latest version of ATD.
RECOMMENDATION
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10189, Intel Security - Security Bulletin: Advanced Threat Defense update fixes SQL Injection vulnerability (CVE-2017-3899) (https://kc.mcafee.com/corporate/index?page=content&id=SB10189)

Application and Change Control - Windows End Point 7.0.1 version 354 Now Available
 

Product extensions become disabled in ePO
 

SNS Weekly Roundup - February 21
 

McAfee Agent 5.0.4 Hotfix 1179191 Now Available
 

Patches Resolve ePolicy Orchestrator Vulnerabilities
 

IMPORTANT: Intel collaborates to establish McAfee as a leading independent cybersecurity company
 

Next Generation Firewall and Enterprise Firewall solutions are now part of Forcepoint
 

Welcome to the ServicePortal
 

 

How are we doing?
ServicePortal feedback »

 

The Association of
Support Professionals.
This year's Ten Best
Web Support Sites