Jump to content

German Cybersecurity Agency Warns of Security Flaw in Kaspersky Antivirus


The AchieVer

Recommended Posts

The AchieVer

German Cybersecurity Agency Warns of Security Flaw in Kaspersky Antivirus 

German cybersecurity agency BSI issued a warning concerning a security flaw in Kaspersky antivirus, recommending users to install the latest patches as soon as possible.

 

German cybersecurity agency BSI issued a warning concerning a security flaw in Kaspersky antivirus, recommending users to install the latest patches as soon as possible.

 
While the advisory (available in German here, so translation is needed) doesn’t include any details regarding possible cyberattacks based on the flaw, BSI warns that hackers only need to send a malicious email containing a crafted file to their targets and, in some cases, this file “doesn’t even need to be opened.”

The security flaw that BSI warns of is documented in CVE-2019-8285, and it was actually fixed by Kaspersky last month.

The issue allows for remote execution of arbitrary code on a vulnerable computer, and Kaspersky said only systems with antivirus databases released before April 4 were exposed.Patch already available for Kaspersky softwareThe patch has already been released through the built-in update system of Kaspersky products, so if automatic updates are enabled, your device should be secure.

“Kaspersky Lab has fixed a security issue CVE-2019-8285 in its products that could potentially allow third-parties to remotely execute arbitrary code on a user's PC with system privileges. The security fix was deployed to Kaspersky Lab customers on 4th April, 2019 through a product update,” an advisory published by Kaspersky on May 8 reads.

Technically, all Kaspersky products with antivirus database are affected by the vulnerability. The vulnerability isn’t tied to the operating system version, so all Windows releases are impacted.

“This issue was classified as heap-based buffer overflow vulnerability. Memory corruption during JS file scan could lead to execution of arbitrary code on a user machine,” Kaspersky says.

In other words, the vulnerability can be exploited by simply having the Kaspersky security product to scan a crafted JS file, which can help an attacker achieve remote code execution and eventually take control of the target device.
 
 
 
 
Link to comment
Share on other sites


  • Replies 1
  • Views 453
  • Created
  • Last Reply

CIA and NSA are doing all they can to downplay Kaspersky's public image? :P 

How about our double agent - @straycat19 - tell us all about it? :P 

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...