MWG is vulnerable. A hostile DHCP server can craft a DHCP reply to a DHCP request that exploits the MWG DHCP client and allows root privileged remote code execution for the attacker. This attack vector is present only if MWG engine has a dynamic interface that is configured to get an IP address via DHCP.
Recommended Actions: The MWG users who are using the vulnerable version should upgrade to a newer MWG version as soon as they become available. You may want to consider turning off DHCP until the McAfee update.
While the Security Bulletin under: https://kc.mcafee.com/corporate/index?page=content&id=SB10085&actp=null&viewloca le=en_US&showDraft=false&platinum_status=false&locale=en_US
still states, MWG is not updated, I would like to make you aware that 126.96.36.199 has been released that fixes the vulnerability.