McAfee warns of flaw in own security software
Security firm McAfee has warned a flaw in one of its products could leave customers’ PCs vulnerable.
The company, which was acquired by Intel, disclosed the flaw in a message to customers on its website, saying hackers could use affected computers to distribute spam.
McAfee spokesman Ian Bain said at least one customer had fallen victim to such an attack, which leveraged a flaw in a service offering known as McAfee SaaS for Total Protection.
The web-based service protects customers from viruses hidden in emails and websites. Bain said the flaw was in a piece of software that McAfee customers install on their PCs to enable them to use the service.
While the flaw could enable hackers to send spam from machines of McAfee SaaS for Total Protection customers, it does not grant them access to data on an affected PC, Bain said.
He said that the company’s engineers were working to fix the bug and expected to have it fixed today.
In April 2010, a glitch included in a regular release of McAfee’s anti-virus software mistakenly identified part of Microsoft’s popular Windows XP operating system as a virus, triggering personal computer outages at many of its customers, including more than 100 large corporations.