McAfee flaw leaves users wide open

Security research firm ISS has issued an advisory warning of a "serious flaw" in McAfee's antivirus library system that leaves users wide open to attack.

The flaw is in 23 versions of McAfee's products, and stems from a vulnerability in the antivirus library which the software uses to check for malware. ISS warned that ISPs, businesses and home users are all at risk.

"ISS has shipped protection for a flaw discovered by X-Force in McAfee AntiVirus Library versions prior to 4400," said the advisory.

"The Library is widely relied on to provide antivirus capabilities to desktop, server and gateway systems. Also, several large vendors and ISPs implement the Library in their products."

The flaw can be exploited if a hacker sends an email to the target with a specially crafted 'Lha' file, a type of format read by many software engines.

The user does not need to open anything; instead the file overwhelms the library's buffer and allows code to be executed on the target machine.

MacAfee was unavailable for comment. The ISS advisory can be seen here.

See also:

Global virus epidemics run out of steam

But every silver lining has a cloud  10 Mar 2005

Virus authors switch from havoc to profit

Show us the money  09 Mar 2005

Security

The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.  15 Apr 2004

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!