Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Kaspersky Discharges Instant Update to Fix AV Vulnerability


Securityweek.com reported during the first week of September, 2015 stating that Kaspersky Lab has invented an update to tackle a serious AV flaw which has been reported by Tavis Ormandy, Security Engineer with Google.

Tavis Ormandy of Google has reported that he had spotted a vulnerability affecting the 2015 and 2016 editions of Kaspersky's AV products. Experts published a screenshot which shows a successful exploit against Kaspersky Anti-Virus it is not clear that whether Internet Security and other products of Kaspersky were affected also.

The researcher has not disclosed any details but he says that the matter is "as bad as it gets." The vulnerability seems to be a cushion overflow affecting the default configuration of the applicant. Ormandy said that his computer exploit could have been employed remotely with zero interaction.

The researcher informed Kaspersky about his findings and the security firm released a patch within 24 hours.

SecurityWeek published a report in the first week of September, 2015 quoting Kaspersky as saying "We would like to thank Mr. Tavis Ormandy for reporting us a buffer overflow flaw which our experts fixed within 24 hours of its revelation. A flaw has already been distributed through automatic updates to all our patrons and customers."

Kaspersky added that it will take extra care to avert repetition of such things and expressed its thanks to the community at large for informing the firm about this.

Kaspersky said that they are improving their mitigation strategies to stop exploiting of innate imperfections of their software in future.

Kaspersky also added that it has always supported the evaluation of their solutions by independent researchers and their continuous efforts help them to make their solutions stronger, more reliable and productive.

Ormandy has discovered bugs in Sophos' and ESET's software before and says that a probe of other products will follow. However, Kaspersky is a special case because of the popularity of its products which the company claims to protect 270,000 corporate clients and 400 million users across the world.

Another security firm has been fingered in the same manner. Kristian Hermansen, a Researcher, exposed the weaknesses of FirEye and the company has been contacted for its response to the possibly damaging disclosure.

ยป SPAMfighter News - 10/1/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next