On Thu, Jan 19, 2012 at 1:13 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah <[email protected]> wrote: > http://www.reuters.com/article/2012/01/19/us-mcafee-idUSTRE80I0A620120119 > > I post this primarily as a warning to those who have this product installed. > > However, I do feel compelled to note that this outfit, along with another that > comes in a yellow box, and one particularly trendy product, have had a) a > great > deal of market success, and b) a number of absolutely stunning failures over > the > years. (Which, I suppose, is just another example of how marketing trumps > security, every time ...) McAffe and TrendMicro were particularly vulnerable to handle manipulations [1]. We found we would accidentally shutdown the update service or the firewall while focusing attacks on the scanner. No administrator privileges required.
Jeff [1] "Old Dogs And New Tricks: Do You Know Where Your Handles Are?", http://www.softwareintegrity.com/Documents/Old-Dogs-and-New-Tricks.pdf or http://packetstormsecurity.org/files/100564/Old-Dogs-and-New-Tricks.pdf _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
