Skip to main content

McAfee Supplies Antidote for Tainted SaaS Security

posted onJanuary 23, 2012
by l33tdawg

Security vendor McAfee, which is now owned by Intel (Nasdaq: INTC), is rolling out a patch for three flaws in its Endpoint Protection Software as a Service offering.

All three flaws are in ActiveX controls. One tricks the control into executing commands supplied by an attacker, the second lets attackers write to files on disk and the third lets attackers execute code with user privileges, McAfee said.

The first two flaws were patched back in August, and it's the third that created headlines earlier this week when it was found it let attackers essentially hijack victims' PCs and use them to relay spam. McAfee knows of "four to five" victims, all small and medium-sized businesses, company spokesperson Ian Bain told TechNewsWorld. The vendor "worked with them to stop [the attack] as the patch was being developed," Bain added.

Source

Tags

McAfee Security SaaS

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th