McAfee announced over the weekend that it has fixed a serious security vulnerability in its security management software, a flaw the company had not been aware of until it was reported.
The vulnerability affects the ePolicy Orchestrator (ePO) Common Management Agent, version 3.5.5 and older. This management agent is installed on approximately 40 million PCs across large organizations. If successfully exploited, the flaw would let an attacker gain complete control over the affected system.
John Viega, Vice President and Chief Security Architect at McAfee, stated: “This is one of the most serious vulnerabilities in our products.”
McAfee was notified of the vulnerability by eEye Digital Security on July 5. As it turned out, the flaw had already been closed by an update the company released in January; that update had been published as a performance enhancement for the software, not as a security fix.
“We did not realize we had fixed that vulnerability until eEye alerted us,” Viega said. “We were just trying to optimize the software system, not specifically looking for security vulnerabilities. Fortunately, that effort led us to address a very dangerous security flaw.”
McAfee stated that systems on which the management agent is not installed are not affected by the vulnerability.
According to an advisory eEye released last Thursday, the flaw lies in the agent's Framework Service component. This service is enabled and running on every server and client where the agent is installed, so the exposure is not limited to management servers.
“If successfully exploited, an attacker could write a file with any content anywhere on the compromised system,” eEye confirmed.
To exploit the vulnerability, an attacker needs only network access to the client system in order to send it a specially crafted message; no credentials on the target are required.
McAfee recommends that users promptly install the updates released through the company's website, which bring the agent to a fixed version.
Hoàng Dũng