McAfee will issue a patch on Wednesday for a vulnerability affecting its SecurityCenter application, a security software management tool.The vulnerability, rated “medium” by McAfee as far as its severity, could allow an unauthorized user to run code on a remote machine, the vendor said. It affects McAfee’s SecurityCenter versions 4.3 through 6.0.22.Security vendor eEye Digital Security notified McAfee of the vulnerability on July 19. Eeye withheld details of the vulnerability to not put users at risk, rating the problem as “critical.”McAfee said Tuesday it’s testing the patch it will release Wednesday. Some customers will receive the patch through an automated update system, while those who have opted for manual updates will have to download the patch. Customers should verify they have the latest software updates by visiting this site.For a successful attack, a user would have to open a malicious webpage seeking to exploit the vulnerability, McAfee said. The attacker would then have the same user rights as the person running the machine. The attacker could also delete files or install other programs on the machine, eEye said in its advisory, available here.McAfee has a 18.8 percent revenue share of the antivirus market, coming in second behind Symantec at 53.6 percent, according to market analyst Gartner.-Jeremy Kirk, IDG News Service (London Bureau)Keep checking in at our CSO Security Feed page for updated news coverage. Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe