Kaspersky Fixes Antivirus Zero Day

Tuesday, September 8, 2015 @ 03:09 PM gHale

Kaspersky Lab fixed a Zero Day vulnerability in its antivirus product.

The exploit affects versions 15.x and 16.x of Kaspersky’s antivirus, said Google Information Security Engineer Tavis Ormandy, who discovered the vulnerability.

The vulnerability is “a remote, zero interaction SYSTEM exploit, in default config,” he said.

The Kaspersky bug would have permitted an attacker to easily infiltrate the victim’s computer and gain system-level privileges, allowing them to carry out any kind of attack without restrictions.

After news of the vulnerability went out on Twitter, the Kaspersky team reacted quickly, and by the next day the security company unveiled a worldwide update for its product.

Because so few details were released on Twitter, and Kaspersky released an update in less than 24 hours, there is little chance this vulnerability was ever used by any malicious actor.

Kaspersky Lab released this statement:

“We would like to thank Mr. Tavis Ormandy for reporting to us a buffer overflow vulnerability, which our specialists fixed within 24 hours of its disclosure. A fix has already been distributed via automatic updates to all our clients and customers. We’re improving our mitigation strategies to prevent exploiting of inherent imperfections of our software in the future. For instance, we already use such technologies as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP). Kaspersky Lab has always supported the assessment of our solutions by independent researchers. Their ongoing efforts help us to make our solutions stronger, more productive and more reliable.”