Home >> Linux >> McAfee Takes Six Months To Patch Remote Code Exploit In Linux VirusScan Enterprise

McAfee Takes Six Months To Patch Remote Code Exploit In Linux VirusScan Enterprise

mask.of.sanity writes: A researcher has reported 10 vulnerabilities in McAfee’s VirusScan Enterprise for Linux that when chained together result in root remote code execution. McAfee took six months to fix the bugs issuing a patch December 9th.

Citing the security note, CSO adds that “one of the issues affects Virus Scan Enterprise for Windows version 8.7i through at least 8.8.” The vulnerability was reported by Andrew Fasano at MIT’s federally-funded security lab, who said he targeted McAfee’s client because “it runs as root, it claims to make your machine more secure, it’s not particularly popular, and it looks like it hasn’t been updated in a long time.”


Share on Google+

Read more of this story at Slashdot.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

*