| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: chows at ozemail.com.au (Gregh) Subject: Macafee Stupid Little Tricks continue This isnt anything but an annoying "feature" but to some, like an annoying "Feature" that Windows had last year that we all remember well....Blaster. Mcafee Virusscan and Spamkiller 5 both act through their Security Centre program. This means that all are linked. Uninstalling one product does not necessarily clear programming problems up, from Mcafee. With this in mind, it has become apparent, recently, that with the ever increasing popularity of Bagle to produce new variants, that Mcafee has a problem. If you receive a few Bagle worms in email or a few Netsky (or variants of either) or a mixture of both, when it comes in to Spamkiller, Virusscan knows this and rightly deletes it. Unfortunately, Spamkiller 5 doesnt like this but continues to work OK for the moment. The problem arises when one, or more, of the worms arriving actually arrives from an address marked as a friend. Those emails go into the "accepted mail" pile. When you review them with Spamkiller and find that they ARE infected emails and you choose to BLOCK them or block any OTHER email (eg, new spam, junkmail from a real friend etc), Spamkiller loses contact with all it's email in both the accepted emails and the blocked emails piles. The entire screen shows as if nothing is waiting. Spamkiller 5 continues to pick up mail at it's set period and also continues to block spam it knows about. However, it will not display any email UNTIL you reboot. >From that example above, you can see that any business who has both Spamkiller 5 and Virusscan installed - which REQUIRES Security Centre to be installed, too - loses track of incoming email. If the user knows to reboot the machine, they have lost time while it does that. Mcafee have been informed about this on a few occasions by me. The only reply they can give to fix this is to fully uninstall *ALL* Mcafee products then go through their manual registry removal document to get rid of the lot THEN reinstall it all. On even SMALL installations of say 5 users if all of them have these products installed on all machines, that can be hours doing this and setting personal filters back on again. It also does NOT solve the problem as it always comes back. Conclusion: Until Mcafee gets up off their backsides and fixes this one, your Windows users are well advised to consider their alternatives. Eg, no Mcafee product, alternatives to either of those products if they insist on keeping one or if they dont want to give up any Mcafee product, tell them they must keep rebooting every time it happens which can be quite a few times a day. Tested only on XPSP1 so far. I have Win 98SE users and 2K users at different installations and have had to steer them away from Mcafee for now until they fix this. Greg.
Powered by blists - more mailing lists