McAfee AV Product: Worm Hole

eEye Warns of Worm Hole in McAfee Anti-virus Products
By Ryan Naraine
August 1, 2006

A code execution vulnerability in software products sold by Internet security vendor McAfee could put millions at risk of computer takeover attacks, according to a warning from eEye Digital Security. The flaw affects fully patched versions of all McAfee consumer security products, including the company's flagship McAfee Internet Security Suite 2006. Maiffret said the issue was discovered and reported to McAfee on July 19.

"This vulnerability can be used to compromise systems running these McAfee consumer products and allow attackers to run code with the ability to modify/delete files [or] backdoor systems," Maiffret said in an e-mail exchange with eWEEK.