Internet and antivirus giant Kaspersky has fixed a number of flaws, which could be used to crash its flagship software, rendering its protection useless.
Talos Group, the security arm of Cisco, said in a blog post that three of the flaws were denial-of-service flaws, which could crash the software, and the fourth could leak data, which may allow an attacker to exploit a local system.
Though the flaws are "not particularly severe," the security team warned that security systems can become targets of attacks.
Crashing an application may not be the most frieghtening vulnerability on the cards. But in the case of an antivirus, it could be used by an attacker to further run malicious code while the antivirus is restarting.
Kaspersky has since fixed the vulnerabilities.
from Latest Topic for ZDNet in... http://ift.tt/2c3JpXN
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.