McAfee says it’s fixed a problem with its SaaS Total Protection software that was allowing users’ PCs to be turned into spam servers.
The Total Protection Service delivers updates to computers without a direct internet connection, but the vulnerability meant it was being used to spread spam.
McAfee says it will today release a patch for the vulnerability, which it says didn’t give hackers access to any data.
“Two issues in SaaS for Total Protection have arisen in the past few days. In the first, an attacker might misuse an ActiveX control to execute code,” says the company in a warning to customers.
“The second involves a misuse of our ‘rumor’ technology to allow an attacker to use an affected machine as an ‘open relay’, which could be used to send spam.”
The first issue, says McAfee, is similar to a vulnerability patched last summer – indeed, the patch delivered then basically cuts off the exploitation path for the new issue.
“The second issue has been used to allow spammers to bounce off of affected machines, resulting in an increase of outgoing email from them,” it says.
“Although this issue can allow the relaying of spam, it does not give access to the data on an affected machine. The forthcoming patch will close this relay capability.”
The problem arose after customers complained that their IP addresses were being blacklisted for sending spam, and that emails were being blocked.