Sun. Jun 7th, 2020

Security researchers found arbitrary code execution vulnerabilities in Kaspersky Antivirus Engine

1 min read

Security researchers at the Imaginary team are currently issuing a warning that Kaspersky Security Software has security vulnerabilities and recommends that users upgrade to the latest version of Kaspersky as soon as possible. The vulnerability is actually a bug that Kaspersky has fixed in April, but this vulnerability can indeed be used to execute arbitrary code on the user’s computer.

The attacker only needs to make a specific file based on the vulnerability and send it to the user, thanks to the automatic scanning technology who does not even need the user to open the file. This vulnerability is triggered when Kaspersky’s anti-virus engine automatically scans files received by the user, and then causes a buffer overflow problem on the stack. Kaspersky said that this vulnerability only affects the version of the anti-virus database released before April 4.

This vulnerability is located in Kaspersky software and therefore kills all Windows systems. The damage is still quite large due to the ability to execute arbitrary code remotely. Therefore, users who use Kaspersky are advised to check their version. If there is no automatic update, it is best to turn on the automatic update function as soon as possible.