When your anti-virus product becomes a possible attack vector, surely you should really start to worry? Horrifically, this appears to have happened, with products from both McAfee and Symantec possessing vulnerabilities in their anti-virus libraries, which could be exploited by attackers to give them control of a machine.[The Inquirer]Symantec said the flaw affects AntiVirus Corporate Edition, Brightmail Anti-Spam; Client Security; Gateway Security; Norton AntiVirus; Norton Antivirus for Macintosh; Norton AntiVirus for Microsoft Exchange; and Norton Internet Security.
Symantec has not released a patch, but said users can reduce the threat by disabling the scanning of .rar-compressed files and not opening e-mail attachments.
Meanwhile McAfee has fessed up to having a remote exploitation of an access control vulnerability in its McAfee Security Centre.
If you run McAfee's software, it should have patched itself up through automatic update, but best double check.