Hi @ll, several McAfee "security" products, most notably their Security Scan Plus (see for a previous advisory) which Adobe pushes to unsuspecting users of Adobe Reader and Flash Player, are offered as executable installers built with the vulnerable Nullsoft Scriptable Install System (NSIS) (see for details). These executable installers are vulnerable and allow arbitrary (remote) code execution and escalation of privilege via the well- known attacks already published in the advisory regarding NSIS and the advisory titled Mitigations for "carpet bombing" alias "directory poisoning" attacks against executable installers For details specific to Intel's/McAfee's products and their vulnerabilities see Intel's Security Bulletin published today: stay tuned Stefan Kanthak