Kaspersky Admits Antivirus Flaw

Following several weeks of speculation over a potentially serious flaw in
its antivirus software, Kaspersky Labs has acknowledged the problem and said it
plans to release a patch today.

The vulnerability, made public by independent researcher Alex Wheeler, could
allow a hacker to take control of the popular antivirus software by sending
a specially crafted CAB file, which crashes the antivirus application.

However, the lab said the vulnerability is limited to Microsoft
Windows-based versions of its products.

This attack, once past the AV scanning engine, could be executed without
user intervention. Although the flaw has been rated “critical” by some
vulnerability testers, Kaspersky downplayed the threat.

“The actual threat posed by the vulnerability is minimal,” Kaspersky said in
a statement. The lab said it will release updates eliminating the vulnerability today and that they’ll be available for installation using standard updating procedures.

After confirming the vulnerability, the Moscow-based vendor said in a
statement, “Kaspersky Lab specialists have taken measures to eliminate the
threat related to the CAB module vulnerability.”

Kaspersky Labs said that it had previously altered the CAB files used in the
software on Sept. 29 to reduce the threat.

No attempts to create and distribute such exploits have been recorded to
date, the company said.

The products affected are Kaspersky Anti-Virus Personal, Pro 5.0,
Anti-Virus 5.0 for Windows Workstations and Windows File Servers and
Personal Security Suite 1.1.
