The Inquirer-Home

McAfee is fixing security bugs on its website

Insecurity firm is sweeping its own doorstep
Tue Mar 29 2011, 14:40

INSECURITY OUTFIT McAfee has reacted to a publicly disclosed vulnerability on its website and promised that it has had no impact on the integrity of its services or customers.

The firm issued a statement about the problems in which it said that it was reacting to the vulnerabilities, but omitted that it was first told about the problems weeks ago.

"Early on Monday March 28, 2011, various online news outlets reported on vulnerabilities in McAfee Web sites," it said.

"McAfee is aware of these vulnerabilities and we are working to fix them. It is important to note that these vulnerabilities do not expose any of McAfee's customer, partner or corporate information. Additionally, we have not seen any malicious exploitation of the vulnerabilities."

The YGN ethical hacker group reported that it had disclosed the vulnerability to Mcafee on 10 February and was told, "we are working to resolve the issue as quickly as possible".

However, it added that as of 27 March it found the vulnerabilities still existed, and the same day went public with its concerns.

The flaws on the website put users at risks of cross-site scripting attacks, the hackers added, as well as other attacks. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Internet of Things at Christmas poll

Which smart device are you hoping Santa brings?