Summary

For the Webroot Windows agent, here is more information concerning a vulnerability discovered by Cirosec.

Resolution

Cirosec, an IT security company based in Germany, reported a vulnerability in the Webroot Windows agent in late 2023. We worked with Cirosec to create and validate a fixed build, which we have released as version 9.0.35.17.

Version 9.0.35.17 is available via automatic update for all customers.

The vulnerability is tracked as CVE-2023-7241. We are not aware of any active exploitations of this vulnerability in the wild.

Link to fixed build:

Home users: https://anywhere.webrootcloudav.com/zerol/wsainstall.exe

Business users: https://anywhere.webrootcloudav.com/zerol/wsasme.exe