Showing results for 
Search instead for 
Did you mean: 
Level 9

Critical Hotfix for Email Gateway & Email/Web Security Products

McAfee has released hotfixes to resolve critical issues in the following products:

  • ·McAfee Email Gateway (MEG) 7.0.1 and earlier (HF
  • ·McAfee Email and Web Security (EWS) 5.6 Patch 3 and earlier (HF
  • ·McAfee Email and Web Security (EWS) 5.5 Patch 6 and earlier (HF

This update must be considered Critical. The Authentication Bypass issue could allow an attacker to take control and gain ownership of the appliance. The Directory Traversal and Reflected Cross-Site Scripting (XSS) issues could reveal password file information and allow an attacker to run arbitrary JavaScript from the administrator’s browser.

See McAfee KnowledgeBase article SB10026, to:

  • ·Confirm your appliance version and patch level
  • ·Get additional details on the impact and remediation
  • ·Get full download instructions and links

This does not affect MEG (IronMail) 6.7.x

Message was edited by: jsonger on 5/8/12 10:41:46 AM CDT
0 Kudos