Merge fix for CVE-2019-3567 from osquery 3.4.0 #47
What operating system and version are you using?
The issue is specific to the Windows build.
What version of osquery are you using?
The fix is available in osquery 3.4.0, and the relevant commit appears to be this one. It is not marked as a security fix nor does it mention the CVE, but this appears to be it.
The solution is to migrate installations to the 'Program Files' directory on Windows which restricts unprivileged write access.