Last week, one of the information security engineers working at Google informed Kaspersky Lab about a buffer overflow flaw that affects versions 2015 and 2016 of its antivirus products, and the company released a patch within 24 hours to address the problem.
Tavis Ormandy tweeted about this exploit on 5th September, with a screenshot showing Windows Calculator running under the Kaspersky antivirus process. Opening calc.exe from a different process is a commonly used method of demonstrating a successful code execution exploit.
Put simply, if an application contains a flaw that lets an attacker execute calc.exe, the application can be used as a platform to execute any malicious code.
A representative of Kaspersky Lab said the vulnerability was a buffer overflow and was patched within 24 hours of being reported. The patch was distributed to all customers via automatic update.
Ormandy tweeted again on 7th September that he had sent some more vulnerabilities to Kaspersky to investigate, although there is still no information about the exploitability of those bugs.
“Kaspersky Lab has always supported the assessment of our solutions by independent researchers. Their ongoing efforts help us to make our solutions stronger, more productive and more reliable,” Kaspersky Lab said.
Mr. Ormandy has a great reputation for finding security vulnerabilities in security products. Last June, he found a remote command execution vulnerability in ESET products. In 2014, he found a flaw enabling hackers to disable Microsoft anti-malware products, and in 2012 he found critical vulnerabilities in Sophos antivirus.
About the Author
Ali Taherian (@ali_taherian) is an enthusiastic information security officer. He has finished his education in information security and has recently been involved in the banking software and payment security industry. Taherian is proud to be a certified IBM Cloud Computing Solution Advisor and ECSA, and enjoys sharing and tweeting about security advances and news.