The company SafeBreach security researchers recently discovered a security flaw in antivirus software company Check Point in (CVE-2019-8461). The affected products are used on the original Windows Device Endpoint Security client software, which is included in the previous version of E81.30.
SafeBreach said the vulnerability affects devices auxiliary frame of the device service. The computer automatically perform a service has SYSTEM privileges at startup, load the library file and folder named atl110.dll from the PATH environment variable file. Hackers can disguise a malicious file into a file and atl110.dll into folders for privileges. Therefore, hackers can hide their malicious software or applications to bypass the whitelist.
In addition, there are also reports that SafeBreach Trend Micro products and Bitdefender found a similar flaw. Currently, Check Pointy has released security updates to patch this vulnerability.