McAfee Tackles 'Spam Hijack' Flaw in Anti-Malware Code

A flaw in the security vendor's cloud-based service allows users' systems to be used by spammers.


How to Help Your Business Become an AI Early Adopter

BBC News: Security vendor McAfee says it will release a patch for its cloud-based Total Protection service by the end of the day Thursday. Earlier this week, a British art firm that uses McAfee's SaaS to protect its networks discovered that their servers were sending out the equivalent of 10 months' worth of e-mail traffic every day. As a result, many security products had flagged the firm as spammers and were blocking the company's messages. "As an ultimate insult, even McAfee, whose software is at the root of our problems, now rate our email IP as 'High Risk': we can't email them as they have blacklisted us!" the firm blogged.

McAfee explained that a feature of McAfee's technology was inadvertently allowing "spammers to bounce off of affected machines, resulting in an increase of outgoing email from them. Although this issue can allow the relaying of spam, it does not give access to the data of an affected machine." It added. "The forthcoming patch will close this relay capability."

Tags: spam, SaaS, security vulnerability, McAfee

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.