Kaspersky Internet Security 2013 bug can freeze computers

[maia]

By Lucian Constantin

Kaspersky Lab acknowledged the existence of the issue for Kaspersky Internet Security 2013. "After receiving feedback from the researcher, Kaspersky Lab quickly fixed the error," the company said Thursday via email. "A private patch is currently available on demand and an autopatch will soon be released to fix the problem automatically on every computer protected by Kaspersky Internet Security 2013."

"Kaspersky Internet Security 2013 (and any other Kaspersky product which includes the firewall funcionality) is susceptible to a remote system freeze.

As of the 3rd March 2013, the bug is still unfixed.

If IPv6 connectivity to a victim is possible (which is always the case on local networks), a fragmented packet with multiple but one large extension header leads to a complete freeze of the operating system.

No log message or warning window is generated, nor is the system able to perform any task."

Kaspersky offers a temp fix, you can also disable the KIS ndis filter untill an update comes out.

"Heuse claims that he reported the bug to Kaspersky Lab on Jan. 21 and again on Feb. 14, but received no feedback from the company so he decided to disclose it publicly. In addition to the advisory he also published a proof-of-concept tool that can exploit the bug.

[Mr Orus]

:o Thank you for your notice news B) :coolwink:

[ande]

Ty.

[Marcus_SSA]

That´s why a prefer ESET on my O.S
:)

[Mr Orus]

That´s why a prefer ESET on my O.S

:)

B) Excellent choice.. :coolwink:

[Gabben]

Norton ftw

[Mr Orus]

Norton ftw :think:

[spudboy]

That´s why a prefer ESET on my O.S

:)

So what you're saying, is that ESET products have never had a bug or security vulnerability that needed fixing? Might want to look into that.