McAfee security bug bites deep
Who guards the guards?
Posted in Enterprise Security, 2nd August 2006 15:38 GMT
Free whitepaper – Solid State Drives and High-Speed Memory
McAfee has fixed a flaw involving older versions of its consumer security software that creates a means for hackers to compromise vulnerable systems.
The bug is the latest in a string of flaws affecting security software packages that have come to light over recent months.
In this case, the unspecified security bug relates to McAfee SecurityCenter, creating a means to execute hostile code providing users can be tricked into visiting a malicious website.
The vulnerability affects versions 4.3 through 6.0.22 of SecurityCenter, a component of a wide range of McAfee security products including: McAfee Internet Security Suite 2006, McAfee Wireless Home Network Security, McAfee Personal Firewall Plus, McAfee VirusScan, McAfee Privacy Service, McAfee SpamKiller and McAfee AntiSpyware.
Users are advised to update to McAfee SecurityCenter, as explained in an advisory by McAfee here. Most, but not all, McAfee users will automatically receive the update.
The bug was discovered by security researchers at eEye Digital Security, which has published an advisory here. ®
Free whitepaper – Ensuring service assurance in the new normal
The Register Guide to Extended Validation
The Evolving Security Landscape
The Impact of IT Security Attitudes
Risk and Resilience
Linux on the Desktop
