cancel
Showing results for 
Search instead for 
Did you mean: 
lmacri
Level 7
Report Inappropriate Content
Message 1 of 14

Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

Is McAfee LiveSafe affected by the security vulnerability described in the 12-Nov-2019 McAfee Security Bulletin TS102984: McAfee Anti-Virus Plus, and McAfee Internet Security Version 16.0.R22 Refresh 1 Fixes a Privilege Es...?

That security bulletin only mentions McAfee Total Protection (MTP), McAfee Anti-Virus Plus (AVP), and McAfee Internet Security (MIS) up to and including 16.0 R22 as affected products, but Sergui Gatlan's 12-Nov-2019 BleepingComputer article McAfee Patches Privilege Escalation Flaw in Antivirus Software implies that all McAfee antivirus products are affected.

I currently have McAfee LiveSafe v16.0 R21 / VirusScan v22.6.159 (Engine 3890.0, created 12-Nov-2019) and a manual update reports I am fully patched.
-----------
64-bit Win 10 Pro v1903 build 18362.418 * Firefox ESR v68.2.0 * McAfee LiveSafe v16.0 (R21)
Dell Inspiron 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Intel UHD Graphics 620

13 Replies

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

Hi @lmacri 

Please let us know whether you get any Virus or Malware alert. 

lmacri
Level 7
Report Inappropriate Content
Message 3 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

Hi Sudhakar_A_K:

Were you asking if my real-time protection is working as expected?  If so, my protection status is currently Secure (all modules are green), the Security Report shows I've had 0 threats fixed (Anti-virus) and 1.8K bad connections blocked (Firewall) in the past 30 days, definition updates are delivered daily (the current VirusScan engine version 3894.0 was created 16-Nov-2019), and my scheduled scans are running when expected.

I'm new to McAfee LiveSafe (a one-year trial was factory-installed on my new Dell laptop) so I have no idea what "normal" behaviour is for LiveSafe is or where I can find release notes for LiveSafe product updates. For now, I'd just like to know if I was supposed to receive the 12-Nov-2019 16.0 R22 Refresh 1 update described <here> that patches the critical vulnerability CVE-2019-3648. My McAfee LiveSafe is still on 16.0 R21 / VirsuScan v22.6.159 (released 04-Aug-2019), and if the product software isn't updating correctly I either to fix it or uninstall McAfee and use one of the available activation seats I have for the Norton Security Deluxe product I use on my other computer.
-----------
64-bit Win 10 Pro v1903 build 18362.418 * Firefox ESR v68.2.0 * McAfee LiveSafe v16.0 (R21)
Dell Inspiron 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Intel UHD Graphics 620

Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 4 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

It is common that partner provided versions of McAfee such as from Dell etc lag a bit behind McAfee subscriptions bought direct from McAfee.. At least this what I found over the past years here.

What is your Affid number in the my info tab and about link within Livesafe Interface.

0 is Mcafee purchased. The update will come once Dell tests it they want to make sure it has no bugs to protect their users I assume.

 

lmacri
Level 7
Report Inappropriate Content
Message 5 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

Hi Peacekeeper:

The Affld for both the McAfee SecurityCenter v18.1.125 (last update 04-Nov-2019) and McAfee WebAdvisor v4.1.1.48 (last update 17-Nov-2019; installed but currently disabled in my Firefox ESR browser) is Affld 105. Automatic Updates are ON.
-----------
64-bit Win 10 Pro v1903 build 18362.418 * Firefox ESR v68.2.0 * McAfee LiveSafe v16.0 (R21)
Dell Inspiron 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Intel UHD Graphics 620

Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 6 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

195 is Dell as you stated. Update should come soon. Mine affix 0 and there already.

Highlighted

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

Hi @lmacri 

“Upon learning of this issue, McAfee began working with the reporting researchers on a solution. McAfee distributed an update to consumer customers on November 7, 2019. There is no action required by customers as our consumer products update automatically. Please see our consumer advisory on this matter for more information.”

Please note that while the fix for CVE-2019-3648 has been released, due to the large number of recipients, our updates are released in batches. When a customer’s computer receives an update also depends on where they purchased their subscription, since our partners may release the updates on their determined schedule. If the customer is unwilling to wait for the update, they may choose to reinstall their WSS software in order to obtain the latest version.

lmacri
Level 7
Report Inappropriate Content
Message 8 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)


@Sudhakar_A_K wrote:

...Please note that while the fix for CVE-2019-3648 has been released, due to the large number of recipients, our updates are released in batches. When a customer’s computer receives an update also depends on where they purchased their subscription, since our partners may release the updates on their determined schedule. If the customer is unwilling to wait for the update, they may choose to reinstall their WSS software in order to obtain the latest version.


Check for Updates is still reporting that my LiveSafe v16.0.R21 is fully patched .  I contacted Dell Support a few days ago but their support rep simply told me "McAfee is a 3rd party application for us, I won't be able to share any details on it" and suggested I contact McAfee Support for help.

I understand why most McAfee product updates (i.e., feature upgrades and routine bug fixes) would be metered out in batches via automatic updates, but both my Norton Security Deluxe and Malwarebytes programs I use on another computer allow me to circumvent this type of metering and immediately download any available product update by running a manual check for updates.

I'm not comfortable waiting much longer for the v16.0.R22 Refresh 1 product update (released 07-Nov-2019) to be rolled out to my Dell laptop, given that McAfee Security Bulletin TS102984 has already been posted publicly and everyone, including hackers, are aware that v16.0.R21 is susceptible to the privilege escalation vulnerability CVE-2019-3648.  If I log in to my McAfee Account and click the Reinstall link shown in my attached screenshot, will this simply refresh my installation (i.e., and retain my custom configuration settings) or will this completely remove and then reinstall McAfee LiveSafe?
-----------
64-bit Win 10 Pro v1903 build 18362.418 * Firefox ESR v68.2.0 * McAfee LiveSafe v16.0 (R21)
Dell Inspiron 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Intel UHD Graphics 620

Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 9 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)

As I and the mod said partners lag a bit though why this delay when there is a security issue is beyond me. 

Dell tests updates themselves or we ex volunteers were told that was the cause of the delay. Reinstalling might get a new version but if it is not available for upgrades I would worry that reinstalling could get r21 as well.

You could try or if you keen uninstall uding mcpr as well and install a trial non Dell for 1 month and then reinstall the Dell version. A big pain and you have to be careful not to pay for the McAfee version the trial end. Good luck

 

lmacri
Level 7
Report Inappropriate Content
Message 10 of 14

Re: Is McAfee LiveSafe Affected by Vulnerability CVE-2019-3648 (Bulletin TS102984)


@lmacri wrote:


The Affld for both the McAfee SecurityCenter v18.1.125 (last update 04-Nov-2019) and McAfee WebAdvisor v4.1.1.48 (last update 17-Nov-2019; installed but currently disabled in my Firefox ESR browser) is Affld 105. Automatic Updates are ON.


Just an FYI that my Dell-branded McAfee LiveSafe v16.0.R21 / SecurityCenter v18.1.125 (Affld = 105) was updated last night to LiveSafe v16.0.R22 / Security Center v18.2.154 (see attached screenshot), but I still don't know if this is the latest "R22 Refresh 1" update that patches privilege escalation vulnerability CVE-2019-3648 described <here>. My VirusScan component was also updated from v22.6.159 to v22.7.150 but I found at least one thread <here> where another McAfee user had VirusScan v22.7.150 as far back as 09-Oct-2019.

Is there a support page or product update blog on the McAfee.com site that posts a release history of product updates so I have some idea of the version number of latest product components?

Thanks to both Sudhakar_A_K and Peacemaker for all your valuable feedback.  I am unable to add kudos in this thread (nothing happens when I click the Kudo button on your posts) but your assistance has been greatly appreciated.
-----------
64-bit Win 10 Pro v1903 build 18362.418 * Firefox ESR v68.2.0 * McAfee LiveSafe v16.0 (R22) / VirusScan v22.7.150
Dell Inspiron 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Intel UHD Graphics 620

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community