A 'critical' flaw found in Kaspersky Lab's antivirus software.




A 'critical' flaw in Kaspersky Lab's antivirus software could let an attacker commandeer systems that use the products, a security researcher warned on Monday.

The problem lies in Kaspersky's antivirus library, security researcher Alex Wheeler wrote in an advisory. The vulnerability likely affects multiple Kaspersky products on various platforms because the library is used throughout the company's consumer and corporate software, he said.

Additionally, third-party products that use Kaspersky's antivirus technology could also be vulnerable, Wheeler said.

A remote attacker could exploit the heap overflow flaw by sending a malformed CAB file -- a compression file -- to a vulnerable system, the French Security Incident Response Team said in an advisory. The CAB file could be sent in an e-mail, for example, and once the Kaspersky antivirus scanner had accepted it, the malicious code would be in the system. No user interaction is required, Wheeler said. FrSirt describes the issue as "critical," its highest rating.

A representative for Kaspersky in Moscow could not immediately comment on the issue and said that the Russian company would need to investigate.

Antivirus software is like low-hanging fruit to hackers, Yankee Group analysts wrote in a research paper released earlier this year. As the pool of easily exploitable security bugs in Microsoft Windows dries up, attackers are looking to security software for holes to get into systems, the analysts said.

At the Black Hat Briefings security conference this summer, researchers at Internet Security Systems outlined vulnerabilities in antivirus products. ISS has discovered bugs in products from security software makers including Symantec, McAfee, Trend Micro and F-Secure.



From:

http://www.zdnet.com.au/news/softwar...9215552,00.htm

Kaspersky compromised by another security breach


Security researchers have uncovered another serious breach in Kaspersky's Anti-Virus Engine (KAV), while at the same time Computer Associates has warned of a serious unpatched bug in its iGateway software.

The Kaspersky bug, disclosed by iDefense, affects the component of KAV used to parse CHM files. In Linux versions of KAV, a corrupt CHM file can trigger a buffer overflow and allow malicious code execution, with no user interaction required. In Windows installations such a file only disables the virus scanner, but this could allow for further attacks by allowing malicious code to bypass security systems.


More:

http://www.techworld.com/security/ne...&\1NewsID=4556

Sureee just after they gove us 2 key's huh lol, jk Joe. Think they would want people to know that.

That's great, the software that's supposed to keep stuff off of your system lets them control your system :-D.

LOL , didn't think about that :grin: :grin: