Security
Now Reading
Kaspersky rolls out an emergency patch to fix a zero day exploit found in its security software
2

Kaspersky rolls out an emergency patch to fix a zero day exploit found in its security software

by AshwinSeptember 7, 2015

Kaspersky, the security software maker, touted as the world’s best was found to contain a critical security vulnerability in its apps.

Kaspersky-Internet-Security-2015

The finding was reported by Tavis Ormandy, who is a Google Engineer.

If that name rings a bell, you are not wrong. Ormandy was the one who found a security vulnerability in ESET‘s security products. back in June this year.

I am a bit shocked that a Kaspersky Lab software was caught napping. Naturally, as a Kaspersky Internet Security user, I was just as eager as other users to find out more about this exploit.  Ormandy had tweeted a screenshot of Windows’ Calculator app, running under the Kaspersky process, in the Task Manager. This is actually a customary trend used by many hackers/security researches to show that the app that Calc.exe is running under, has been compromised.

The exploit in the apps, was a critical zero day vulnerability, which could allow an attacker to remotely execute a malicious code.  Ormandy found that the security loophole existed in both  versions 15 and 16, which are the company’s current and upcoming line up of security software. PCWorld raises the question whether the vulnerability merely affected Kaspersky Anti-Virus (as seen in the scrrenshot on Twitter), or if the Internet Security and Total Security versions were also affected.

Ormandy had said that the vulnerability was actually a zero interaction SYSTEM exploit, in the default config of the security software, and added that it’s about as bad as it gets.

If that doesn’t explain things, just how dangerous the vulnerability was highlighted through a question, from a user, who asked Ormandy, how does a user get affected by it:

  1. A data packet (any connection to the internet is done through data packets)
  2. Viewing an image posted on Twitter
  3. Visiting a malicious website

The reply from the Google Engineer was a chilling “All of the above”.

Now, there is no need to panic here, as Ormandy had notified the Russian security firm about the vulnerability who apparently reached out to him to acknowledge the issue, which was reportedly a vulnerability in the stack overflow. Later yesterday, Ormandy tweeted that Kaspersky is rolling out a fix globally, within 24 hours after he had reported the security loopholes in their apps.

Sadly, there is absolutely no information on which patch fixed the issue. But since the security software is always kept up to date, one needn’t worry. A patch was released for the issue, and users are safe. It is possible that Kaspersky Lab did not disclose the affected versions, to prevent hackers from attacking users who may ve running the vulnerable versions.

2 Comments

Leave a Response