Jump to content

Kaspersky Fixes Bugs That Allowed Attackers to Crash Its Antivirus


Batu69

Recommended Posts

Kaspersky fixes three DoS flaws, one information leak bug

Russian security vendor Kaspersky Lab has recently patched four vulnerabilities in its flagship product, the Kaspersky Internet Security Suite, which allowed attackers to crash the antivirus and disclose information from the computer's memory.

The Cisco Talos team has identified these four issues (CVE-2016-4304, CVE-2016-4305, CVE-2016-4306, and CVE-2016-4307) affecting the product's KLIF, KLDISK and KL1 drivers, used to interact with underlying Windows APIs.

One bug is an information disclosure vulnerability, and the other three are DoS (Denial of Service) issues that crash the application.

DoS bugs are considered annoying at best and are low-priority security issues in most software applications, but this doesn't apply to antivirus engines (or "security systems," since nobody calls them antiviruses anymore).

"Although these vulnerabilities are not particularly severe, administrators should be aware that security systems can be used by threat actors as part of an attack, and keep such systems fully patched," the Cisco Talos team notes in their advisory.

DoS bugs can have serious consequences in AV products

An attacker who can run code on a machine with the Kaspersky antivirus installed could feed the antivirus malicious code that could crash the security product, which would allow them to run further malicious code without the antivirus blocking their actions.

The information leak bug could also be used to leak data from the memory and gain details about where certain processes are executing, data needed to plan further attacks and craft targeted exploits.

Kaspersky has addressed all issues with updates to its Internet Security Suite. Earlier this month, at the Black Hat USA 2016 security conference in Las Vegas, Kaspersky announced it was starting a bug bounty program that would reward security researchers for finding and privately disclosing security bugs in its software.

Kaspersky's decision was overshadowed by Apple's similar announcement, the Cupertino tech giant announcing a bug bounty program of its own.

Article source

Link to comment
Share on other sites


  • Replies 1
  • Views 514
  • Created
  • Last Reply
write2vivek86

there was the time I used to trust Kaspersky. Kaspersky does have some many bugs in them. Thank god I left using it...rip!! u Kaspersky

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...