For the fifth time in two months, security researchers have publicised a serious flaw in a widely used virus-scanning program.
The vulnerability affects McAfee's Antivirus Library, a collection of common code shared among the security software company's various virus scanners, including GroupShield for mail servers and VirusScan for PCs. An attacker could use the flaw to cause a vulnerable system to run a file instead of scanning it for malicious code.
While the company just learned of the issue recently, an update offered to corporate customers in November and consumers in December added security measures that fixed the problem.
"Once the update was released, all current subscribers got the fix," said Marc Solomon, senior product manager for McAfee. "For anyone who is no longer a subscriber, this is a reminder to renew."
The flaw is the fourth antivirus security vulnerability found by Internet Security Systems, which sells software and hardware to protect networks and corporate PCs. The company also has found flaws in the antivirus libraries developed by security software companies Symantec, F-Secure and Trend Micro. Another flaw in Computer Associates' antivirus software was discovered by security firm eEye Digital Security.
Internet Security Systems would not specify how the problems were found, but a representative stressed that the company didn't target the products.
Users of McAfee's virus scanning software, also known as an engine, are vulnerable only if the software has not been updated through a current subscription and the person has not downloaded the latest virus definitions file, or DAT, from the company.
The flaw could be exploited using any type of network traffic that is scanned by a McAfee product, including email, Web browsing and Windows file sharing. When the vulnerable software attempted to open a malicious file, the software would instead run the program included in the file.
The flaw occurs in how McAfee's software, based on the older library, scans files that are compressed using a format known as LHA. A specially crafted file, when scanned by vulnerable McAfee software, can execute its program.
In order to post a comment you need to be registered and logged in
Log in or create your ZDNet UK account below
By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Membership FAQ
Apple are currently pushing to get tv content on the iPad by April 3rd. This could possibly be seen as a spoiler for that announcement I suppose....
2 hours ago by John Molloy
Hey - presume you mean something that builds on Apple's existing TV device? Apple have already had a couple of runs at building Apple TV and it's...
8 hours ago by Andrew Donoghue on Google's TV timing may reveal more to come
Google, Sony, Intel may build TV project www.zdnet.co.uk/news/emerging-tech/2010/03/18/google-sony-intel-may-build-tv-project-40088359/
8 hours ago on Twitter by BVE2011
70,0000 to 90,0000 computers? A very small number considering some of these botnets are in the millions, and there are so many of them operating,...
9 hours ago by ator1940 on Microsoft says it decimated Waledac botnet I agree Roger, and why can't they write secure code? What will happen when they find stolen code in windows? They have a track record of...
9 hours ago by ator1940 on Microsoft lashing out at Linux, open source Do you think it will really take days?
9 hours ago by ator1940 on Microsoft previews Internet Explorer 9 with HTML 5 support
Wonder how many days it will take before somebody codes an exploitive hack for IE9?
21 hours ago by Xwindowsjunkie on Microsoft previews Internet Explorer 9 with HTML 5 support
There are some really good people in Microsoft and I wonder, how embarassing it must be for them to see how the organisation behaves from it's...
1 day ago by roger andre on Microsoft lashing out at Linux, open source
Great new look for ZDNET UK web-site http://bit.ly/9R5eAA to check it out @ZDNetUK #zdnet
1 day ago on Twitter by ajclarke
Microsoft previews Internet Explorer 9 with HTML 5 support - zdnet.co.uk http://bit.ly/9FSh23
1 day ago on Twitter by feedfrog
We were just pondering on when IE will get HTML5 and CSS3 onboard! this is excellent
1 day ago by kencogold on Microsoft previews Internet Explorer 9 with HTML 5 support
RT @suziedaniels: relaunched www.zdnet.co.uk raises the bar yet again! its so fast it makes my eyes bleed.
1 day ago on Twitter by riptari This is brilliant - I borrowed one and straight away saw that a few AP`s were set up to the wrong country. It gives interference levels on each...
1 day ago by Bob Preece on Fluke Networks AirCheck Wi-Fi Tester
http://www.zdnet.co.uk/news/networking/2010/03/11/european-parliament-votes-down-acta-treaty-40085614/ (Where does this leave #Debill?)
1 day ago on Twitter by _SimonArnoldme
relaunched www.zdnet.co.uk raises the bar yet again! its so fast it makes my eyes bleed.
1 day ago on Twitter by suziedaniels
Redesign complet pour ZDNet UK et AU, Twitter au centre http://www.zdnet.co.uk/ http://www.zdnet.com.au/
1 day ago on Twitter by eparody
RT @eparody: Redesign complet pour ZDNet UK et AU, Twitter au centre http://www.zdnet.co.uk/ http://www.zdnet.com.au/
1 day ago on Twitter by cdutheil
Sharepoint 2010 in photo's http://www.zdnet.co.uk/reviews/communication-and-collaboration/2010/03/04/sharepoint-2010-screenshots-40070577/
1 day ago on Twitter by gerardvFor multi-store outlets, including retail, banking, grocery, gas, hospitality, convenience stores and others, reducing (or avoiding) the cost of in-store system support and maintenance while maintaining compliance with PCI and other requirements has become a strategic challenge.
Speaker: Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. As Enterprises are increasingly connected to the Internet and as hard organizational boundaries are fast disappearing, security professionals are facing fresh challenges in Enterprise computing.
This tutorial is for new MindManager users and teaches you how to get started, by creating maps, reading maps and organizing your information.
Talkback
I bought the Mcafee Security Suite in December from PC World and now find that I have a pop-up message from Mcafee, which I cannot disable, telling me to buy MSN Premium to protect my hotmail account from spam. All the mail in my inbox has been deleted and incoming mail is deleted asoon as I read it.
5 Apr 05 16:53 ReplyI cannot contact Mcafee either by the chat support service or by phone ( line out of service, apparently). Is this a conspiracy to coerce me into buying software I don't need having already bought some which should be protecting me? Is it a virus? If so, what do I do about it? How do I contact them and wring Mcafee's corporate neck ?
Oy you could be smart and use a warez version, works well and you got a VIP support from them. well good luck mate
4 May 05 22:07 ReplyHi
18 Aug 05 10:45 ReplyI bought a 2006 update with a $20 rebate. After downloading the product AND the Anti Hacker prog. I now find that I have boxes appear on my screen that you cannot close down. Niether can I find any contact support that will give you live chat without paying.
It also find that my virus protection has been reduced to show no green bar. It appears that I have paid good money for a worse product. I will stop my credit card payment.THEN they will soon be in toutch"
Chris