Heeeey, McAfee customer! Would you like some peace of mind? Why, you ask? No reason… well except that spammers were able to exploit a flaw in McAfee’s SaaS Total Protection anti-malware service, making that protection not so total after all.
TechSpot says the vulnerability was discovered last week when a company complained to McAfee that their emails were being blocked and IP addresses were blacklisted for sending spam. Turns out spammers were able to relay unsolicited messages from users’ computers, unbeknownst to them.
Apparently McAfee’s “Rumor” Service, which is a peer-to-peer file sharing technology part of the anti-malware suite used to distribute security updates within an internal network, allows inbound Internet connections and serves as an Open Proxy on Port 6515, which spammers used to bounce e-mails as if they were coming from that machine. The Rumor service appears to install itself even when not required, and though you can disable it using Windows’ administrative tools, it is restarted by McAfee’s automatic updates.
McAfee says they’re likely going to issue the “peace of mind” patch later today after testing is complete, and added that the flaw doesn’t put consumer data at risk.