Threat Level: green Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Heads Up: new flaw in McAfee

Published: 2006-08-01
Last Updated: 2006-08-02 01:56:32 UTC
by Arrigo Triulzi (Version: 3)
0 comment(s)
The ISC has received several notifications of an upcoming security advisory regarding McAfee products.  The flaw provides remote execution of code in the following software:
  • McAfee Internet Security Suite 2006
  • McAfee Wireless Home Network Security
  • McAfee Personal Firewall Plus
  • McAfee VirusScan
  • McAfee Privacy Service
  • McAfee SpamKiller
  • McAfee AntiSpyware
Apparently 2007 editions of the products, released this past Saturday, are not affected.  There is also an article on the Toronto Globe and Mail covering the issue.

Thanks to Jacques and Bruce for drawing our attention to the issue.

Update: a reader (thank you Juha-Matti) reports that an official McAfee security bulletin including a fixed McAfee Security Center is already available from the support website.

Update 2: (2006-08-02 01:50 UTC)  We've received reports that some users are having problems with the update causing issues with other software.  If you encounter problems, you may want to check the McAfee help forums at http://forums.mcafeehelp.com/.
Keywords:
0 comment(s)
Diary Archives