WatchGuard SSL VPN Client update causes a security incident

Benjamin15Benjamin15
in Technical Discussion

The current version includes the following PowerShell script.
It deletes "WGBrowser.exe" from all user accounts. This causes a security incident.
Get-ChildItem 'C:\Users' -Directory | ForEach-Object { $p = Join-Path $.FullName 'AppData\Local\Temp\WGBrowser.exe'; if (Test-Path $p) { Remove-Item $p -Force -ErrorAction SilentlyContinue } }_
Can anyone confirm that this is intentional on WatchGuard’s part?

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Benjamin15

    The SSLVPN client may remove copies of the WGBrowser.exe file if it can't determine that they are the latest version. This is a part of the bugfix:

    -This release resolves an EBWebView directory error that occurred when the Mobile VPN with SSL client was installed on a domain-joined Windows computer. [FBX-31053]

Sign In to comment.