Mac users utilizing ESET's endpoint antivirus are advised to update to version 184.108.40.206 as soon as possible in order to mitigate a serious issue that allows attackers to execute arbitrary code on their machines.
The issue, discovered by Google security researcher Jason Geffner, was caused by the usage of an old library inside ESET's antivirus source code.
Geffner says vulnerable versions of the ESET Mac antivirus used the POCO XML parser library version 1.4.6p1 from 2013-03-06, which in turn was forked from Expat XML parser library version 2.0.1 from 2007-06-05.
Recently, security researchers became aware of a vulnerability (CVE-2016-0718) in the Expat library that allowed for remote code execution via malformed XML content.
This Expat flaw trickled down to the ESET Mac antivirus, where developers had used POCO to parse XML content streams.