Summary
Exodus Intelligence (exodusintel.com) reported three vulnerabilities in the Web Shield feature of Webroot SecureAnywhere. The affected component is wrUrl.dll located in %programdata%\WRData\PKG.
We have created and validated a fixed build, which we have released as wrUrl.dll v2.1.2.3 (Intel) and v2.1.2.4 (ARM64).
The vulnerabilities are tracked as:
- CVE-2024-7824
- CVE-2024-7825
- CVE-2024-7826
We are not aware of any active exploitation of these vulnerabilities in the wild.
Resolution
An updated wrUrl.dll v2.1.2.3 (Intel) and v2.1.2.4 (ARM64) is available via automatic update for all customers. Check wrUrl.dll version located in %programdata%\WRData\PKG to confirm the update to the fixed build.