This is in relation to Case# 06455547. Although we have a limited amount of local admins, the SEP Cleanwipe tool is not asking for an uninstall password even though we enforce an uninstall password. This can take control away from IT Security and allow anyone with admin rights to remove security software that is considered a last line of defense. Additionally in an escalation or privileges scenario, you can give an attacker elevated rights to remove this software if using this tool, where as if they tried to remove this manually, they would be prompted for an uninstall password.
↧