Fortinet Discovers F-Secure Server Security DLL Preloading Vulnerability
Fortinet's FortiGuard Labs has discovered a DLL preloading vulnerability in F-Secure's F-Secure Server Security.
F-Secure Server Security provides protection for Microsoft Windows Server, Citrix and Linux Servers. It provides advanced anti-malware protection, DeepGuard, Patch Management, Web Protection, and other security features for Servers.
F-Secure Server Security for Windows is susceptible to a DLL preloading vulnerability. The issue occurs when the application looks to load a DLL for execution and an attacker provides a malicious DLL to use instead. The application generally follows a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
Users should apply the solution provided by F-Secure.
Fortinet reported the vulnerability to F-Secure on June 16, 2017.
F-Secure confirmed the vulnerability on June 29, 2017.
F-Secure patched the vulnerability on July 17, 2017.
This vulnerability was discovered by Kushal Arvind Shah of Fortinet's FortiGuard Labs.