When your anti-virus product becomes a possible attack vector, surely you should really start to worry? Horrifically, this appears to have happened, with products from both McAfee and Symantec possessing vulnerabilities in their anti-virus libraries, which could be exploited by attackers to give them control of a machine.[The Inquirer]Symantec said the flaw affects AntiVirus Corporate Edition, Brightmail Anti-Spam; Client Security; Gateway Security; Norton AntiVirus; Norton Antivirus for Macintosh; Norton AntiVirus for Microsoft Exchange; and Norton Internet Security.
Symantec has not released a patch, but said users can reduce the threat by disabling the scanning of .rar-compressed files and not opening e-mail attachments.
Meanwhile McAfee has fessed up to having a remote exploitation of an access control vulnerability in its McAfee Security Centre.
If you run McAfee's software, it should have patched itself up through automatic update, but best double check.


LinkBack URL
About LinkBacks
Reply With Quote