McAfee security products make mistakes ... security

Security experts, yesterday (July 31), warned users about a new security bug in McAfee security software that could disclose sensitive information on their systems.

The newly discovered security bug affects most of McAfee's popular products, including Internet Security Suite, SpamKiller, Privacy Service and Virus Scan Plus titles, Marc Maiffret - chief technology officer of security firm eEye Digital Security - said.

McAfee Siobhan MacDermott spokesman has also officially acknowledged the company's products have the above security error and said the company is currently testing a patch to fix the error. It is expected that on Wednesday 4, McAfee will release security updates via automatic update feature in products to fix new problems.

Ms. Siobhan also added that the newly discovered security bug did not affect the 2007 version of McAfee products. It is expected that these products will be released later this week.

Meanwhile, Maiffret said he had found a way to connect to PC systems that installed McAfee's faulty products and control them to run the required code. If this security error is exploited, hackers may collect the user's bank account number or access to edit and delete sensitive files or harm systems that cause errors.

That's exactly two weeks after McAfee said it accidentally overcame a security flaw in its enterprise security product. In this case, McAfee said it had accidentally corrected that security error three months before it was discovered.

However, until now, there has not been any security error of McAfee exploited in the attacks.

Hoang Dung