McAfee security bug bites deep
Print storyWho guards the guards?
Posted in Enterprise Security, 2nd August 2006 15:38 GMT
Free whitepaper – Avoiding 7 common mistakes of IT security compliance
McAfee has fixed a flaw involving older versions of its consumer security software that creates a means for hackers to compromise vulnerable systems.
The bug is the latest in a string of flaws affecting security software packages that have come to light over recent months.
In this case, the unspecified security bug relates to McAfee SecurityCenter, creating a means to execute hostile code providing users can be tricked into visiting a malicious website.
The vulnerability affects versions 4.3 through 6.0.22 of SecurityCenter, a component of a wide range of McAfee security products including: McAfee Internet Security Suite 2006, McAfee Wireless Home Network Security, McAfee Personal Firewall Plus, McAfee VirusScan, McAfee Privacy Service, McAfee SpamKiller and McAfee AntiSpyware.
Users are advised to update to McAfee SecurityCenter, as explained in an advisory by McAfee here. Most, but not all, McAfee users will automatically receive the update.
The bug was discovered by security researchers at eEye Digital Security, which has published an advisory here. ®
Free whitepaper – Certify your software integrity with Thawte code signing certificates
The best practices guide for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Certify your software integrity with Thawte code signing certificates
The future of SaaS and IT infrastructure management
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive