I.T. Vibe
Latest Business Communications Gaming General Security Technology Virus  
   Member Services
Login
Register
   General Services
Contact Us
Merchandise
Toolbar
RSS Feeds
Other Formats
   Site Search
 
Advanced Search
   News Alerts
Enter your email address to receive news alerts
 
View Privacy Policy
Unsubscribe
   Information
Latest Virus Alerts
Internet Threat Level
Internet Traffic Report
   Opinion Poll
Macs - Love Them or Hate Them? Place your votes now.
Love 'em
Hate 'em
Indifferent
Reader Comments: 0
View All Polls
McAfee admits to product security hole
Tuesday, March 22, 2005 at 07:59 by Laurence Norah
McAfee, creator of the popular McAfee anti virus software, has admitted that there is a flaw in one of their virus scan engines which could lead to an attacker compromising a PC. Discovered by ISS X-Force, McAfee believes that this problem only affects users running an older version of the McAfee VirusScan Engine.

The problem itself is a buffer overrun vulnerability, which may occur when a user is scanning Lha files. McAfee believes that this problem was fixed in release 4400 of their VirusScan engine, which was released in December 2004. Users running the earlier version of this engine, 4320, may still be at risk.

If customers have not upgraded to the latest version of the engine, McAfee has stated that customers running the 4436 DAT files and later should be protected.

McAfee believes that the number of users running the older version is very low, although we suspect that they do not have the data to back that claim up. We would recommend that if you are running McAfee anti virus software that you ensure it is updated to the latest product engine and DAT versions as soon as possible, as we would with any other anti virus product.
 
Contact Laurence Norah, the author of this article View a printer friendly version of this article Email this article to a friend RSS Feeds
Comment # 1 on 22 March 2005 at 21:24 by Anonymous
hats off to the guy who discovered it!
Comment # 2 on 05 April 2005 at 17:01 by Anonymous
I bought the security suite in December last year from PC World together with a new PC and now find that my email inbox has been attacked deleting all my incoming mail. This follows a couple of days in which I had a pop-up from Mcafee - which I couldn't disable - telling me that I had to buy MSN Premium to protect my Hotmail a/c. It's impossible to get hold of Mcafee for support, either by phone or on their chat line. Is this the virus referred to and if so why were PC World selling this suspect version in December? Any suggestions how to get round the problem would be appreciated (in non-techy language which a computer dinosaur can understand!). Thanks
Your Verification Number:

Please enter your Verification Number:

Related Articles:
Hotmail ditch McAfee in favour of Trend Micro
McAfee to buy out Foundstone
Network Associates rename to McAfee Inc.
Industry bracing itself for phishing increase
 
Recent Articles In Security:
Are You happy To Pay Using Your Mobile?
Is Someone Piggybacking Your Wireless Connection?
DNA Breakthrough May Mean More Prosecutions
US ATM Crooks Target the UK
British Hacker loses appeal
 
Other Recent Articles:
Is Phorm under investigation by the Police?
Is the iPlayer the new Google of the media world?
Electronic Arts fuel giveaway back fires
New Microsoft Ad Gets Panned – But Did It Catch Your Attention?
Sony Forced To Recall 500,000 PCs
 

 © 2008 I.T. Vibe - All Rights Reserved - All Trademarks Recognised - Privacy Policy - Terms & Conditions