Hole found in Kaspersky anti-virus software

Kaspersky Labs is investigating a reported flaw in its anti-virus software that potentially allows remote attackers to take over a user’s machine.

Kaspersky Labs is investigating a reported flaw in its anti-virus software that potentially allows remote attackers to take over a user’s machine.

The flaw has been reported by security researcher Alex Wheeler and the French Security Incident Response Team.

The problem is said to lie in an omission in Kaspersky’s anti-virus signature library, and is likely to affect multiple versions of the company’s business and consumer products.

Third-party suppliers that use Kaspersky’s products in packaged systems could also be affected.

A remote attacker can take over users’ machines by sending a malformed compression file to a vulnerable system via e-mail, using a heap overflow technique.

The Kaspersky anti-virus scanner will accept the message and the user’s machine will become infected without any further user interaction.

Kaspersky says it is looking into the flaw.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close