McAfee's website full of security holes, researcher says

Found on Network World on Sunday, 27 March 2011

The McAfee.com website is full of security mistakes that could lead to cross-site scripting and other attacks, researchers said in a post on the Full Disclosure site on Monday.

This isn't just embarrassing, but also somewhat discrediting for McAfee, which markets a McAfee Secure service to enterprises for their customer-facing websites.

When, as of March 27, YGN found the flaws "to be unfixed completely," YGN publicly disclosed them.

For a security company, such problems are devastating. If they cannot keep their own website secure, how are customers supposed to believe that they will do a good job at finding problems on theirs?

Browse all articles« Previous « » Next »