Computer Crime Research Center


McAfee protects against viruses not hackers

Date: March 23, 2005
By: Iain Thomson

Security research firm ISS has issued an advisory warning of a "serious flaw" in McAfee's antivirus library system that leaves users wide open to attack.

The flaw is in 23 versions of McAfee's products, and stems from a vulnerability in the antivirus library which the software uses to check for malware. ISS warned that ISPs, businesses and home users are all at risk.

"ISS has shipped protection for a flaw discovered by X-Force in McAfee AntiVirus Library versions prior to 4400," said the advisory.

"The Library is widely relied on to provide antivirus capabilities to desktop, server and gateway systems. Also, several large vendors and ISPs implement the Library in their products."

The flaw can be exploited if a hacker sends an email to the target with a specially crafted 'Lha' file, a type of format read by many software engines.

The user does not need to open anything; instead the file overwhelms the library's buffer and allows code to be executed on the target machine.

MacAfee was unavailable for comment. The ISS advisory can be seen here.
Original article

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2005-11-02 11:20:57 - Thank you for the info! Silvia
Total 1 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo