McAfee, a top computer security firm, on Friday admitted that it had accidentally fixed a potentially dangerous flaw in its technology for managing security software in large organizations and businesses six months ago, and apologized for not alerting companies or government agencies until last week, the Associated Press reports via BostonHerald.com.The security software firm issued an apology to its customers on Friday and suggested that all of its users upgrade to the most recent version of the software to prevent future security issues, according to the AP.Siobhan MacDermott told the AP that there have been no reports of attacks exploiting the now-patched flaw.The flaw affects McAfee’s ePolicy Orchestrator tool, which is employed for managing security software on thousands of computers at McAfee customers’ organizations or agencies, the AP reports. McAfee said its chief software architect, John Viega, unknowingly fixed the flaw—which could have allowed malicious users to obtain sensitive information, delete information or hide dangerous malware on users’ computers—six months ago while performing additional modifications to the software at issue, according to the AP.“We didn’t really realize we fixed the problem,” Viega told the AP. “We fixed one, but it was by accident.” Last week, eEye Digital Security staffers found the flaw and brought it to McAfee’s attention, the AP reports.Only corporate users of the software were affected, as consumer versions don’t employ McAfee’s centralized software management application to update antivirus definitions or other threat warnings, according to the AP.Earlier in the week, McAfee Chief George Samenuk criticized Microsoft for the many recently uncovered flaws in its software, and said McAfee is ready to hold its own with the Redmond, Wash.-based software giant in the security space.Keep checking in at our CSO Security Feed page for updated news coverage.-Compiled by Al Sacco Related content news Chinese state actors behind espionage attacks on Southeast Asian government The distinct groups of activities formed three different clusters, each attributed to a specific APT group. By Shweta Sharma Sep 25, 2023 4 mins Advanced Persistent Threats Advanced Persistent Threats Cyberattacks feature How to pick the best endpoint detection and response solution EDR software has emerged as one of the preeminent tools in the CISO’s arsenal. Here’s what to look for and what to avoid when choosing EDR software. By Linda Rosencrance Sep 25, 2023 10 mins Intrusion Detection Software Security Monitoring Software Data and Information Security feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Data and Information Security IT Leadership brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe