FireEye flamed: single email allows total network access

Google’s Project Zero finds flaw, patch arrives to plug gaping information maw.
Darren Pauli
Researchers at the Google’s Project Zero security research team have found a brutal hole in FireEye kit that allows attackers to lay waste to corporate networks with a single email.
The flaw, dubbed “666” from its Project Zero vulnerability number, is a passive monitoring hole that respected hacker Tavis Ormandy describes as a “nightmare scenario”.
Patches have been released for FireEye’s NX, FX and AX boxes.
To read the entire article, please click here.