Security Experts:

Connect with us

Hi, what are you looking for?


Endpoint Security

Kaspersky Patches Vulnerabilities in Consumer Products

Kaspersky Lab has released updates for its consumer products to address several denial-of-service (DoS) and memory disclosure vulnerabilities identified by researchers at Cisco’s Talos group.

Kaspersky Lab has released updates for its consumer products to address several denial-of-service (DoS) and memory disclosure vulnerabilities identified by researchers at Cisco’s Talos group.

Cisco reported discovering a total of four issues in Kaspersky Internet Security products, specifically in the KLIF, KLDISK and KL1 drivers.

Two of the flaws, tracked as CVE-2016-4304 and CVE-2016-4305, are related to the way the KLIF driver handles NtUserCreateWindowEx and NtAdjustTokenPrivileges calls. A malicious app can execute an API call using invalid parameters and cause a system crash.

Another local DoS flaw, identified as CVE-2016-4307, is related to how the KL1 driver handles IOCTL calls. An attacker can exploit this vulnerability to cause a memory access violation and crash the system by sending a specially crafted IOCTL call to the driver.

The last security hole found by Talos researchers is CVE-2016-4306, which can allow attackers to use specially crafted IOCTL calls to leak kernel memory content to the userland. The weakness, caused by a weak implementation of the KlDiskCtl service in the KLDISK driver, can be exploited by an attacker to obtain information that may be useful in combination with other vulnerabilities.

“Since anti-virus software runs with low level privileges on any system, vulnerabilities in these software are potentially very interesting for attackers. Although these vulnerabilities are not particularly severe, administrators should be aware that security systems can be used by threat actors as part of an attack, and keep such systems fully patched,” Cisco said in a blog post.

The vulnerabilities were reported to Kaspersky in late April and while Cisco’s advisories list August 26 as the patch release date, the vendor told SecurityWeek that the issues were addressed in new product versions made available globally starting with July 29.

Kaspersky Lab has thanked Piotr Bania and Marcin ‘Icewall’ Noga of Cisco Talos for reporting the vulnerabilities, but pointed out that the issues are low severity.

“All vulnerabilities are classified as low severity, as it is theoretically only possible to exploit them if the system has already been infected with malware. Since the security of our customers is our top priority, we have already provided a fix for these vulnerabilities and released updated versions for our 2016 and 2017 line of consumer solutions,” Kaspersky Lab said in a statement sent to SecurityWeek.

Kaspersky recently announced the launch of a public bug bounty program via the HackerOne platform. The security firm is prepared to offer up to $50,000 to hackers who find serious vulnerabilities in Kaspersky Internet Security 2017 and Kaspersky Endpoint Security 10 SP1MR3 running on Microsoft Windows 8.1 or later.

Related Reading: Security Product Flaws Allow Attackers to Compromise Systems

Related Reading: Critical Flaws Expose Symantec Customers to Remote Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

Red Hat announced on Tuesday the general availability of a malware detection service for Red Hat Enterprise Linux (RHEL) systems.

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...