While I was examining a case, I think I discovered two vulnerabilites (or bug whatever you call it) on Mcafee VirusScan Enterprise v8.8 that may lead to scan bypass (it does not scan the second malicious file in a ZIP file) and wrong status update (it says it has already deleted the malicious file but it is still there). After I dig enough, I’ll share more information about it. For now you could watch the POC video, right here, right now…

Update [12.07.2012]: I have release a paper about this issue.

 

Proof of Concept Videos
———————————