Intel’s security division, McAfee, has confirmed that it will shortly issue a patch to fix two potential vulnerabilities with its SaaS Total Protection anti-malware service.
One of the flaws could have turned an innocent computer system into an open spam relay, allowing attackers to use it to send out spam.
The problems came to light when some users noticed that their Internet Service Providers (ISPs) had begun blocking their IP addresses following an increase in unsolicited email streaming from the affected computers.
The first problem stems from the misuse of McAfee’s peer-to-peer file sharing technology dubbed ‘Rumor’. This was created by McAfee to distribute security updates to computers without a direct internet connection (i.e. connected by an internal network).
The second issue involves the misuse of an ActiveX control in order to execute code.
McAfee was quick to respond to the potential vulnerabilities and assured users that a patch was on the way.
“McAfee treats security issues in our products very seriously,” wrote David Marcus, McAfee’s director of security research, in a blog posting. He said that the problems do not affect all of the vendor’s products, but concern a single product, namely SaaS Total Protection, its hosted anti-malware service.
“We have mitigating factors already in place that reduce risk, and a patch is coming to remediate any additional risk to our customers. The patch will be released on January 18 or 19, as soon as we have finished testing. Because this is a managed product, all affected customers will automatically receive the patch when it is released.”
McAfee said it had no evidence of loss or compromise of any customer data in relation to either of these issues.
Marcus did not go into further detail about the ActiveX problem, but admitted it had “much in common with a similar issue patched in August 2011.”
“In fact, the patch delivered then basically cuts off the exploitation path for this issue, effectively reducing the risk to zero,” he wrote. “Because of this, customer data is not directly at risk.”
And regarding the Rumor problem that could potentially turn innocent machines into spam machines, McAfee acknowledged that the flaw has been exploited to “allow spammers to bounce off of affected machines, resulting in an increase of outgoing email from them.”
“Although this issue can allow the relaying of spam, it does not give access to the data on an affected machine,” Marcus wrote in an attempt to reassure affected users. “The forthcoming patch will close this relay capability.”
The McAfee vulnerability comes after security rival Symantec was forced to admit embarrassingly that thieves had breached its servers and stolen the source code for a number of its security products, despite previous claims to the contrary.
Last November Kaspersky Lab warned that cyber criminals are increasingly behind fake antivirus software, which is nowadays getting much better at copying the look and feel of legitimate antivirus products.
View Comments
Jeez, Windows. Gates could have fixed this years ago, but Symantec et al complained vehemently. This is not about security, it's about money. Get a Mac.