Kaspersky Lab says it will release a full fix for the widely reported flaw in its Windows anti-virus scanning engine later today.
The flaw gave remote attackers the opportunity to take over users’ machines by sending them a malformed compression file via e-mail. Once it got past the AV scanning engine, the file could infect a machine without any user interaction.
Kaspersky said that even before the widespread publicity about the flaw appeared it had already updated the signatures on its AV engine to stop most potential attacks exploiting the flaw.
A full fix to stop all such attacks will be available later today from Kaspersky's website.
The company has confirmed that the following products need to be updated: Kaspersky Anti-Virus Personal 5.0, Kaspersky Anti-Virus Personal Pro 5.0, Kaspersky Anti-Virus 5.0 for Windows Workstations, Kaspersky Anti-Virus 5.0 for Windows File Servers, and Kaspersky Personal Security Suite 1.1.