October 1, 2016

McAfee to Patch Two Vulnerabilities in its SaaS for Total Protection

(LiveHacking.Com) – Two vulnerabilities have been found in McAfee’s SaaS for Total Protection, one of which allows a customer’s system to be used as a spam relay. The problem, which was exposed on British art firm Kaamar Limited’s blog earlier this week, has been gaining more and more public attention and now McAfee has started to release information about the issues and details of patches.

As spammers have started to exploit the flaw a number of McAfee’s customers have had their emails blocked after their IP addresses were blacklisted by anti-spam services. “It is believed that thousands of computers have been compromised so far, with more being affected every day,” said Kaamar in its original blog.

“The second issue has been used to allow spammers to bounce off of affected machines, resulting in an increase of outgoing email from them. Although this issue can allow the relaying of spam, it does not give access to the data on an affected machine. The forthcoming patch will close this relay capability,” wrote David Marcus Director, Security Research at McAfee.

According to an update on McAfee’s blog, the the patch for the spam issue is now rolling out to customers, and everyone should have the update shortly.