FireEye has rushed to patch a serious vulnerability identified in its products by researchers at Google’s Project Zero.
Project Zero researchers Tavis Ormandy and Natalie Silvanovich announced on Friday evening that they had developed a reliable exploit for a remote code execution (RCE) vulnerability affecting FireEye’s Malware Protection System (MPS). The experts haven’t provided any technical details, but Ormandy noted on Twitter that the bug likely affected “every version ever shipped.”
Took all day, but @natashenka and I just got a 100% reliable FireEye remote code execution working. I’ll send the vulnerability report now.
— Tavis Ormandy (@taviso) December 5, 2015
FireEye told SecurityWeek that the RCE vulnerability affected the company’s Network Security (NX), Email Security (EX), Malware Analysis (AX), and File Content Security (FX) products.
“FireEye had been engaged with and was supporting the Google Project Zero team prior to this discovery around the testing of our products. Due to the severity of the vulnerability discovered, we released an automated remediation to customers just 6 hours after notification, mitigating any customer exposure by Saturday morning,” FireEye spokesman Kyrksen Storer said in an emailed statement.
“We are thankful for the opportunity to support the Google team in this process, will continue to support their efforts, and fully support the broader security research community’s efforts to test and improve our products,” Storer added.
This was not the first time researchers reported finding vulnerabilities in FireEye products. In September, FireEye patched several vulnerabilities discovered by Kristian Erik Hermansen and Ron Perris. Hermansen disclosed the details of a flaw before the security firm could release a fix, claiming that he had reported the issue 18 months prior to its public disclosure.
In September, FireEye also resolved five vulnerabilities reported by German security firm ERNW. The issues – which included command injection, code execution, privilege escalation and memory corruption vulnerabilities – affected NX, EX, AX, FX, HX (Endpoint Security) and CM (Central Management) products.
FireEye’s support site currently lists nearly a dozen advisories describing vulnerabilities affecting the company’s products. The list does not include an advisory for the latest flaw reported by Ormandy.
FireEye is not the only security company whose products have been analyzed by the Google researcher. In September, Ormandy reported serious vulnerabilities in products from Kaspersky Lab.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
- Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations
- Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances
- OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
- New Honeywell OT Cybersecurity Solution Helps Identify Vulnerabilities, Threats
- Rheinmetall Says Military Business Not Impacted by Ransomware Attack
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
