14 DAY TRIAL // McAfee's antivirus is one of the most popular security solutions on the Internet, allowing the users to keep their computers clean and secure. Although its goal is to detect viruses and other types of infections, sometimes McAfee's functions are no more than useless because it contains several flaws able to make an affected system even more vulnerable. Today, McAfee released a security advisory to announce a new flaw in the security application, sustaining VirusScan Enterprise 8.0i Patch 11 and the previous versions are affected by a critical vulnerability that can allow the attacker to execute malicious files on the computer.
"A successful exploit of this security flaw would allow an attacker to abnormally stop On-Access scan or execute arbitrary code on the target computer. In order for this attack to work, the target computer must have East Asia language files installed, and the default Unicode codepage must be set to a language which contains multi-byte characters--such as Chinese. On such a system, the On-Access scanner behaves abnormally when scanning a file with an overly long file name," McAfee sustained in the security advisory.
The only solution to avoid the exploitation of the vulnerability is to update the antivirus solution to McAfee VirusScan Enterprise 8.0i Patch 12 or later. The patch is available through McAfee ServicePortal and can be downloaded for free by any user. Security company Secunia sustains that the exploitation of the vulnerability requires installed East-Asia language files so it's somehow difficult to attack a computer without the user's approval. In the past, McAfee's solutions were affected by several vulnerabilities, the company fixing the issues quick and easy before the exploitations of the flaw were started.