Joined
Apr 18, 2013
Messages
253
Operating System
Windows 7
Antivirus
Comodo
#1
A vulnerability in the Panda 2016 products that allows the execution of code with elevated permissions has been detected in Small Business Protection and Panda 2016 products. The PSEvents.exe process is periodically run with elevated permissions and has dependencies of libraries located both in the default directory as well as in other system libraries. As the USERS group has Write permissions over the folder where the PSEvent.exe process is run and because the system first looks for libraries run by this process in the execution folder, it may be possible to create a malicious library in the execution folder that will replace one of the libraries installed in other folders. Therefore, a user could run malicious code with SYSTEM privileges.

Privilege escalation vulnerability in PSEvents.exe with Panda 2016 products - Technical Support - Panda Security
 

Spawn

Administrator
MalwareTips Team
Verified
Joined
Jan 8, 2011
Messages
17,416
Operating System
Windows 10
Antivirus
Windows Defender
#2
Never liked Panda at all, not liked in the past nor in the present. Joking. :p @darko999

It's not listed on their Tech Support page, but does this affect Panda Free Antivirus as well?
 

spaceoctopus

Level 14
Verified
Joined
Jul 13, 2014
Messages
661
Operating System
Windows 10
Antivirus
Malwarebytes
#4
I think it should apply to the FREE version too.But from what i understand from the document, someone has to have access to your PC and obviously need a certain level of skill in programming languages. There is the Hotfix and they should push the fix in the next product update soon.
 
Last edited: