McAfee fixes flaw in Mac antivirus software

Attackers could exploit the hole in McAfee's Virex 7.7 antivirus program for Mac OS X to bypass the malware scanner, but a fix is available.

McAfee Inc. has repaired a flaw in its antivirus program for Mac OS X machines that attackers could exploit to...

bypass the malware scanner and gain elevated system privileges.

More on McAfee

McAfee: Malware all about ID theft

Microsoft releases Vista APIs to security vendors

Former McAfee official settles fraud charges
An issue exists with the default permissions and validation of specific files belonging to McAfee Virex 7.7 that may allow for local authenticated command execution, the Santa Clara, Calif.-based antivirus vendor said in an advisory

"The vulnerability is caused due to /Library/Application Support/Virex/VShieldExclude.txt having insecure permissions and being created insecurely," Danish vulnerability clearinghouse Secunia said in an advisory. "This can be exploited to create arbitrary files with escalated privileges via symlink attacks."

McAfee recommends that users apply the patch, which has been pushed to all its live update servers.

Dig Deeper on Application Firewall Security

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

we need bag net work
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close