McAfee accidentally fixes a serious error
Security firm McAfee, over the weekend, said it had overcome a serious security flaw in its security management software that it didn't recognize before.
This security error primarily affects ePolicy Orchestrator software (ePO) Common Management Agent version 3.5.5 or earlier. This is security management software installed on about 40 million different PCs in large organizations. If you successfully exploit this security error, the attacker can take over the entire control of the faulty system.
" This is one of the most serious security flaws in our product, " said John Viega, McAfee's vice president and chief security architect.
McAfee has been notified by eEye Digital Security about this security error from July 5. But in the update released in January this security error has been fixed. However, it is not a security update, but an update to improve the performance of the software.
" We didn't realize we had fixed that security error until eEye warned us ," Viega said. " We just want to optimize the software system, not looking for security errors. But thankfully, that work has helped us overcome a very dangerous security error ."
McAfee said this security error has no effect on systems that do not have security management software installed.
This security error arises in the Framework Service component, security firm eEye said in a warning message issued last Thursday. This wearable service is enabled and operated on all servers and clients.
" If successfully exploited, an attacker can write a file that has any content anywhere on the system that makes a mistake ," eEye said.
To be able to exploit this security error, an attacker needs to access the network to the client system to send a message in a special format.
McAfee recommends that users should quickly install updates released through its website.
Hoang Dung
- Where does the error 'Error 404' come from?
- McAfee, Trend Micro fixes security applications
- McAfee launches 2 new products
- McAfee SecurityCenter security patch
- Netscape fixes browser security errors
- Security error in PHP on web server
- Microsoft fixed a series of bugs for Vista
- China dismisses McAfee's allegations
- PayPal fixes a serious security error
- Microsoft fixes deadly errors for XP and Vista
- How to fix the error of not accessing Gmail
- McAfee detected 3 new zero-day Office errors