If you've been keeping up with the news today regarding the McBlunder by McAfee, you might not have thought of the chance that this might be intentional and malicious. About a year ago a security researcher documented a case where a remote update was maliciously replaced with other code. Now most products that do remote updates require some cryptographic signature to make sure that the update is legit (I assume, but don't know for sure that this is the case for McAfee updates), but what if the update was tampered and changed before it was signed. This is not too far fetched and certainly damages McAfee which malware authors never pass up on these types of opportunities. It will be interesting to see if this angle is explored at all - or at least what McAfee releases after the internal investigation.
And for those affected - here is the official fix at this time via McAfee
And for those affected - here is the official fix at this time via McAfee
Comments