WELCOME

McAfee says the malware is based on a malicious Java

Nov. 26, 2018 by Devin Jones

McAfee says the malware is based on a malicious Java file, which also exploits its own version of the Internet Explorer software.

"The exploit involves a simple script that installs a file that the user has downloaded from the Internet, which is then loaded into the file and loaded through the program," McAfee's senior VP of public relations, David Lee, told Computerworld. "This is not a known vulnerability yet, it is possible that some of the victims have some kind of malicious code installed on them that is vulnerable to attacks on their computers."

It's all the more puzzling for antivirus company McAfee, which, like many other companies, has faced a number of public-relations problems with its product.

In May 2008, the company released an exploit for Adobe Flash Player that made it possible for hackers to run programs through Adobe's software that bypass antivirus software. This year, McAfee's antivirus software is no longer available in Windows 7 and Windows 8. Microsoft has also announced that it is starting to remove the vulnerability from its Windows software. So far, McAfee hasn't had any successful exploits published, according to McAfee.

"That's the point here," Lee said. "It's a critical vulnerability that's been around for a long time and that we need to address quickly. Hopefully we can fix to it now."

Although McAfee says it is working on an answer, it's not clear yet whether that answer will include a patch or a fix for the flaw.