To exploit the problem, the attacker needs local access.
The macOS version of the Webroot SecureAnywhere anti-virus solution reveals a serious vulnerability that allows executing arbitrary code at the kernel level.
The problem that received the identifier (CVE-2018-16962) is a memory corruption vulnerability and can not be exploited remotely-an attacker will need local access.
The manufacturer has removed the vulnerability with the release of Webroot SecureAnywhere version 126.96.36.199. All users are advised to enable the automatic update feature or manually update to the new software version. Currently, there are no cases of exploitation of the problem.
Recall, previously popular antivirus Adware Doctor was convicted of stealing the history of browsers and confidential user data and sending them to a third-party server managed from China