Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Security Flaw in Kaspersky Antivirus

By Nate Mook, BetaNews

October 4, 2005, 3:20 PM

UPDATED A security researcher has uncovered a critical security flaw in Kaspersky Anti-Virus that could allow an attacker to take control of a vulnerable system. The problem lies in a component used to open CAB files, which can be exploited using a buffer overflow.

According to an advisory issued by Alex Wheeler, a malformed CAB file could be sent via e-mail, and when opened by Kaspersky Antivirus for processing the PC could be compromised.

Security firm Secunia has rated the flaw "Highly Critical" and notes that other Kaspersky software may also be vulnerable due to the component being reused across multiple products.

In a statement on its Web site, Kaspersky acknowledged the existence of the flaw but downplayed the potential risk to end users.

"The actual threat posed by the CAB vulnerability is minimal and cannot affect the level of antivirus protection provided by Kaspersky Lab products," the company said.

Nonetheless, Kaspersky has worked quickly to resolve the problem. Antivirus definitions released on September 29 onward include a check for such an attack. The company has also completed on an emergency update to its product line to fix the affected CAB module.

The new version of Kaspersky Anti-Virus is available for download via FileForum.

Add a Comment (4 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By kronix2

posted Oct 6, 2005 - 5:35 AM

It took them one day to update their application modules, and hours to issue updated virus definitions. If only all security flaws were dealt with so speedily.

Score: 0

By jordenpro

posted Oct 5, 2005 - 10:56 AM

This is exactly why Kaspersky is the best Anti-Virus around. A flaw like this is discovered, they quickly explain and release a solution also noting that no PoC has been released on this flaw.

I trust Kaspersky for my AntiVirus needs because they are the best.

Score: 0

By beta_animal

posted Oct 4, 2005 - 6:11 PM

http://www.kaspersky.com/news?id=171512144

Wouldn't it be nice if Microsoft "Highly Critical" vulnerabilities were dealt with this quickly? Reported October 4. New virus definitions released October 4.

Score: 0

By JSDvs9172

edited Oct 4, 2005 - 8:23 PM

Very true. However you have to remember that frequent updates did cause confusion for customers in Microsoft's case, hence we got "Patch Tuesday." But aside from that, who knows? (Although the delay does provide for adequate "quality-check time," and Microsoft DOES break cycle on patches if it's an emergency...)

Score: 0

Nov 21 - 6:51 PM ET Coalition urges better laws for e-mail and cell phone privacy

Nov 21 - 6:42 PM ET How is Internet advertising faring in this bad economy?

Nov 21 - 6:15 PM ET From out of the Amazon Cloud, an AWS winner emerges

Nov 21 - 5:20 PM ET Mufin music finder enters public beta, adds widgets

Nov 21 - 5:01 PM ET Google launches its SearchWiki semantics plug-in

Nov 21 - 4:57 PM ET Asus previews a slimmer, less costly Eee PC

Nov 21 - 4:32 PM ET New Adobe Media Player ushers in AIR 1.5

Nov 21 - 2:11 PM ET AT&T to add Pantech's low-cost C630 phone to 3G lineup

Nov 21 - 1:11 PM ET iPhone gets firmware 2.2 update

Nov 21 - 11:51 AM ET The Dell surprise: Higher earnings on lower revenue