Sign In
Register
Help
Quote
Spam-squirting hole found in McAfee antivirus kit
Ironic server-side flaw exploited, patch promised
By John Leyden • Get more from this author
19th January 2012 13:59 GMT
McAfee is promising to patch a vulnerability in its hosted anti-malware service after it found a flaw that allowed systems where the product was installed to be turned into potential spam-relay nodes.
SaaS for Total Protection, the vulnerable software, will be patched on "January 18 or 19, as soon as we have finished testing", McAfee promised in a blog post published on Wednesday.
Two security issues in SaaS for Total Protection product have cropped up over recent days. The first security scare involves the possibility that an attacker might misuse an ActiveX control to execute code. The second abuses McAfee's "rumor" (update) technology to turn machines running the SaaS for Total Protection client into spam-spewing open relays.
The spam-relay problem resulted in genuine inconvenience for some McAfee customers, whose email was blocked after their IP addresses appeared on blacklists, prompting complaints to McAfee's forums and blog posts on the issue (here and here).
McAfee said the first bug is already blocked by a patch it released to address a similar problem last August. However the second spam-relaying bug still needs some attention, hence the plan to release a server-side patch this week. Since SaaS for Total Protection is a managed product, customers will not be obliged to update their software themselves.
In its blog post, the security giant said that neither of the two security issues placed customer data at any risk of exposure. Its notice explains the impact of the spam-relay flaw, which has been actively abused by spammers.
Ironic server-side flaw exploited, patch promised
By John Leyden • Get more from this author
19th January 2012 13:59 GMT
McAfee is promising to patch a vulnerability in its hosted anti-malware service after it found a flaw that allowed systems where the product was installed to be turned into potential spam-relay nodes.
SaaS for Total Protection, the vulnerable software, will be patched on "January 18 or 19, as soon as we have finished testing", McAfee promised in a blog post published on Wednesday.
Two security issues in SaaS for Total Protection product have cropped up over recent days. The first security scare involves the possibility that an attacker might misuse an ActiveX control to execute code. The second abuses McAfee's "rumor" (update) technology to turn machines running the SaaS for Total Protection client into spam-spewing open relays.
The spam-relay problem resulted in genuine inconvenience for some McAfee customers, whose email was blocked after their IP addresses appeared on blacklists, prompting complaints to McAfee's forums and blog posts on the issue (here and here).
McAfee said the first bug is already blocked by a patch it released to address a similar problem last August. However the second spam-relaying bug still needs some attention, hence the plan to release a server-side patch this week. Since SaaS for Total Protection is a managed product, customers will not be obliged to update their software themselves.
In its blog post, the security giant said that neither of the two security issues placed customer data at any risk of exposure. Its notice explains the impact of the spam-relay flaw, which has been actively abused by spammers.
Full story - http://www.theregist...am_relay_patch/
MultiQuote