Vulnerability Found in Kaspersky Security Software

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

A security flaw has been uncovered in Kaspersky Anti-Virus 2011/2012 and Kaspersky Internet Security 2011/2012, which can be exploited to crash the complete software process.

"Researchers from Vulnerability Laboratory found a flaw caused by an invalid pointer corruption when processing a corrupt .cfg file through the Kaspersky exception filters," writes Softpedia's Eduard Kovacs. "The bug seems to be located in basegui.ppl and basegui.dll when a cfg file import is processed."

"According to the timeline report provided by Vulnerability Labs, Kaspersky was notified on the issue in December 2010 and responded a month later," Kovacs writes. "The information on the vulnerabilities was not disclosed until a few days ago, but there is no mention of the bug being fixed."

Go to "Kaspersky Anti-Virus and Internet Security 2012 Vulnerable to Hackers" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.