Kaspersky Internet Security and Kaspersky Anti-Virus Identified With Vulnerabilities

The Kaspersky Anti-Virus and Internet Security products were identified with several critical security vulnerabilities that affect their users. Read on to find out more about the reported bugs.

Kaspersky Anti-Virus and Internet Security Products Contain Serious Bugs

Security experts have reported that the Kaspersky Anti-Virus and the Kaspersky Internet Security products possess serious vulnerabilities. Both of them are identified with the same bugs:

  • Remote users can bypass the certificate validation.
  • Local users can obtain a private SSL Key that is used to manage the SSL connections and this allows for the conducting of attacks against the SSL connections initiated by the target user’s browser.
  • When the target user trusts an invalid SSL certificate for a specific site, a remote user may bypass the certificate warnings for sites that are listed in the Subject Alternative Names of the original invalid certificate.
  • In addition a remote user can conduct a dangerous man-in-the-middle attack which exploits the SSL certificate caching error. This allows them to access the SSL connection which is initiated by the target user browser.

The list of affected products include the following security software made by Kaspersky Labs:

Kaspersky Anti-Virus 2016, 2017

Kaspersky Internet Security 2016, 2017

Kaspersky Total Security 2016, 2017

Kaspersky Small Office Security 4, 5

Kaspersky Fraud Prevention for Endpoints 6.0

Kaspersky Safe Kids for Windows 1.1

Kaspersky Endpoint Security for Mac

The vendor has issued updates that ammend the issue on December 28 2016. The following versions fix the issues:

Kaspersky Anti-Virus 2016, 2017

Kaspersky Internet Security 2016, 2017

Kaspersky Total Security 2016, 2017

Kaspersky Small Office Security 4, 5

Kaspersky Fraud Prevention for Endpoints 6.0

Kaspersky Endpoint Security for Mac

The vulnerabilities were reported by the security expert Tavis Ormandy and are tracked in two separate Security Tracker alerts – 1037546 and 1037545.

It is a positive fact that the company has released security updates that have fixed the serious flaws in a timely manner. At the time of writing this articles we have not detected any attacks that have leveraged the vulnerabilities in any way. This means that the security threat was detected by researchers from Kaspersky or a close party that have warned the developers team of the problem.

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts