Our guiding principle for CVSS scoring is to score the exploit under consideration by itself. When calculating CVSS scores, McAfee has adopted a philosophy that fosters consistency and repeatability.
For more information, visit the CVSS website at. This system offers an unbiased criticality score between 0 and 10 that customers can use to judge how critical a vulnerability is and plan accordingly. The product version displays.ĬVSS, or Common Vulnerability Scoring System, is the result of the National Infrastructure Advisory Council's effort to standardize a system of assessing the criticality of a vulnerability.
How do I know if my McAfee product is vulnerable or not?
Review the Release Notes and the Installation Guide for instructions on how to install these updates. See KB56057 for instructions to download McAfee products, documentation, updates, and hotfixes. Go to the Product Downloads site, and download the applicable product update file: To remediate this issue, update to VSE 8.8 Patch 16. Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks. To receive email notification when this Security Bulletin is updated, click Subscribe on the right side of the page. CWE-732 - Incorrect Permission Assignment for Critical Resource