Kaspersky fixes antivirus crash bug

The denial-of-service flaws could be used to install malware.

Internet and antivirus giant Kaspersky has fixed a number of flaws that could be used to crash its flagship software, rendering its protection useless.

Talos Group, the security arm of Cisco, said in a blog post that three of the flaws were denial-of-service flaws that could crash the software, and the fourth could leak data, which may allow an attacker to exploit a local system.

Though the flaws are "not particularly severe", the security team warned that security systems can become targets of attacks.

Crashing an application may not be the most frieghtening vulnerability on the cards. But in the case of an antivirus, it could be used by an attacker to further run malicious code while the antivirus is restarting.

Kaspersky has since fixed the vulnerabilities.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All