Antivirus software specialist Kaspersky has confirmed there is a potentially serious flaw in some of its programs, but has said that a fix will be available soon.
The company said the vulnerability is “minimal” and limited to Windows-based versions of its products. It added that as it does not license the vulnerable component to parties, most partner products that use Kaspersky code are not affected.
Kaspersky issued the statement in response to a report of a flaw in its antivirus library, through which an attacker could exploit the heap overflow vulnerability to commandeer systems that run its products.
The affected products are Kaspersky Anti-Virus Personal 5.0; Anti-Virus Personal Pro 5.0; Anti-Virus 5.0 for Windows Workstations; Anti-Virus 5.0 for Windows File Servers and Personal Security Suite 1.1.