Intel’s security division, McAfee, has confirmed that it will shortly issue a patch to fix two potential vulnerabilities with its SaaS Total Protection anti-malware service.
One of the flaws could have turned a innocent computer system into a potential open spam-relay, which could allow attackers to use it to send out spam.
The problems came to light after some users began to notice that their Internet Service Providers (ISPs) had begun blocking their IP addresses, after they had begun noting an increase in unsolicited email streaming from the affected computers.
The first problem stems from the misuse of McAfee’s peer-to-peer file sharing technology dubbed ‘Rumor’. This was created by McAfee to distribute security updates to computers without a direct internet connection (i.e. connected by an internal network).
The second issue involves the misuse of an ActiveX control in order to execute code.
McAfee was quick to respond to the potential vulnerabilities and assured users that a patch was on the way.
“McAfee treats security issues in our products very seriously,” wrote David Marcus, McAfee’s director of security research on a blog posting. He said that the problems affect all of the vendor’s products, but concerns a single product, namely SaaS for Total Protection, its hosted anti-malware service.
“We have mitigating factors already in place that reduce risk, and a patch is coming to remediate any additional risk to our customers. The patch will be released on January 18 or 19, as soon as we have finished testing. Because this is a managed product, all affected customers will automatically receive the patch when it is released.”
McAfee said it had not no evidence of loss or compromise of any customer data in relation to either of these issues.
Marcus did not go into further detail about the ActiveX problem, but admitted it had “much in common with a similar issue patched in August 2011.”
“In fact, the patch delivered then basically cuts off the exploitation path for this issue, effectively reducing the risk to zero,” he wrote. “Because of this, customer data is not directly at risk.”
And regarding the Rumor problem that could potentially turn innocent machines into spam machines, McAfee acknowledged that the flaw has been exploited to “allow spammers to bounce off of affected machines, resulting in an increase of outgoing email from them.”
“Although this issue can allow the relaying of spam, it does not give access to the data on an affected machine,” Marcus wrote in an attempt to reasure affected users. “The forthcoming patch will close this relay capability.”
The McAfee vulnerability comes after security rival Symantec was forced to admit embarrassingly that thieves had breached its servers and stolen the source code for a number of its security products, despite previous claims to the contrary.
Last November Kaspersky Lab warned that cyber criminals are increasingly behind fake antivirus software, which is nowadays getting much better at copying the look and feel of legitimate antivirus products.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
Jeez, Windows. Gates could have fixed this years ago, but Symantec et al complained vehemently. This is not about security, it's about money. Get a Mac.