McAfee Virtual Technician MVT.MVTControl ActiveX Control Insecure Method

2012-05-04T00:00:00
ID SAINT:6BD778ECDB69B25E03DAA2C0A62C7326
Type saint
Reporter SAINT Corporation
Modified 2012-05-04T00:00:00

Description

Added: 05/04/2012
BID: 53304

Background

McAfee Virtual Technician is a free automated diagnosis and and problem resolution tool which scans a Windows system to ensure that McAfee products are installed correctly.

Problem

McAfee Virtual Technician ActiveX control (MVT.dll), as provided in McAfee Virtual Technician 6.3.0.1911 (and perhaps other versions), is vulnerable to remote code execution caused by an insecure GetObject method.

Resolution

Contact the vendor to determine when the product has been patched. In the interim, the MVT.MVTControl ActiveX control in MVT.dll can be disabled by following Microsoft's instructions at <http://support.microsoft.com/kb/240797> to disable **clsid:2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF**.

References

<http://retrogod.altervista.org/9sg_mcafee_vt_adv.htm>

Limitations

This exploit has been tested against McAfee Virtual Technician 6.3.0.1911 on Microsoft Windows XP SP3 English (DEP OptIn) and Microsoft Windows 7 SP1 (DEP OptIn).

The exploit page must be opened using Internet Explorer 8 or 9 on the target.

Platforms

Windows