Rare Kaspersky bug locks up operating system

By sending a computer running Kaspersky Internet Security 2013 a specially crafted IPv6 packet, attackers can cause the operating system to hang.
Written by Michael Lee, Contributor

A bug in Kaspersky Internet Security 2013 has meant that the software can cause its host operating system to lock up if it receives a specially crafted IPv6 packet.

Posting on the Full Disclosure mailing list earlier this week, security consultant Marc Heuse said that if IPv6 connectivity to the target machine was possible, an attacker could send a specially crafted packet that would result in a denial of service.

"A fragmented packet with multiple but one large extension header leads to a complete freeze of the operating system. No log message or warning window is generated, nor is the system able to perform any task," he wrote.

At the time, Heuse said that the only solution was to remove the offending part of the product, or uninstall it in its entirety.

According to Heuse, he had previously reported the bug to Kaspersky on January 21, and again on February 14.

"No feedback was given by Kaspersky, and the reminder contained a warning that without feedback, the bug would be disclosed on this day. So here we are."

Although it did not acknowledge receiving Heuse's earlier warnings, Kaspersky Lab has since confirmed that the fault lay with one of its system drivers.

"A private patch is currently available on demand, and an autopatch will soon be released to fix the problem automatically on every computer protected by Kaspersky Internet Security 2013," the company told ZDNet.

"Although Kaspersky Lab acknowledges the issue, it would like to stress that there was no threat of malicious activity affecting the PCs of any users who may have experienced this rare problem.

"Kaspersky Lab would like to apologize for any inconvenience caused. Actions have been taken to prevent such incidents from occurring in the future."
