McAfee's ePolicy Orchestrator (ePO) Common Management Agent is installed on about 40 million PCs in large organisations. However, the software had a flaw that could have resulted in a targeted computer being taken over by a hacker.
John Viega, vice president and chief security architect at McAfee, admitted that it was one of the most serious issues that the outfit has come across. The problem was fixed when McAfee did a software update in January which was only meant to fine-tune the system. It fixed the security bug too, although this was unintentional. In fact, McAfee was not aware of the problem until it was told by another security outfit.
The upgrade included changing from storing data in files to storing it in memory, which removed the flaw.
However, the fix does not apply to older versions of the software, which are still vulnerable. McAfee does not know how many of its punters could still be vulnerable.
More at News.com.