For the fifth time in two months, security researchers publicized a serious flaw in a widely used virus-scanning program.
The vulnerability affects McAfee’s Antivirus Library, a collection of common code shared among the security software company’s various virus scanners, including GroupShield for mail servers and VirusScan for PCs. An attacker could use the flaw to cause a vulnerable system to run a file instead of scanning it for malicious code.
While the company just learned of the issue recently, an update offered to corporate customers in November and consumers in December added security measures that fixed the problem.
“Once the update was released, all current subscribers got the fix,” said Mark Solomon, senior product manager for McAfee. “For anyone who is no longer a subscriber, this is a reminder to renew.”