Security Flaw in Kaspersky Antivirus

A security researcher has uncovered a critical security flaw in Kaspersky Anti-Virus that could allow an attacker to take control of a vulnerable system. The problem lies in a component used to open CAB files, which can be exploited using a buffer overflow.

According to an advisory issued by Alex Wheeler, a malformed CAB file could be sent via e-mail, and when opened by Kaspersky Antivirus for processing the PC could be compromised. Security firm Secunia has rated the flaw “Highly Critical” and notes that other Kaspersky software may also be vulnerable due to the component being reused across multiple products.

In a statement on its Web site, Kaspersky acknowledged the existence of the flaw but downplayed the potential risk to end users. “The actual threat posed by the CAB vulnerability is minimal and cannot affect the level of antivirus protection provided by Kaspersky Lab products,” the company said.

Nonetheless, Kaspersky has worked quickly to resolve the problem. Antivirus definitions released on September 29 onward include a check for such an attack.
The company has completed on an emergency update to its product line to fix the affected CAB module.


Please enter your comment!
Please enter your name here