[原文]Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
My Firewall Plus contains a flaw in the log viewer as it does not properly drop its privileges. The issue is triggered when using the log viewer's export
functionality to save log files, allowing a local attacker to overwrite arbitrary files with logging information.
Upgrade to version 5.0 (build 1119) or higher, as it has been reported to fix this vulnerability. In addition, Webroot has released a patch for some older versions.