An advisory has recently been published on rootkit.com regarding a vulnerability in KAV 7.0. Unfortunately, the authors of this material chose not to adhere to industry standard practice, and contact the vendor prior to disclosing vulnerability details. Although the authors claim that all attempts to inform Kaspersky Lab about this vulnerability were ignored, this is not the case: if we had been informed, this issue would have been addressed long ago.
The following products are vulnerable:
- Kaspersky Internet Security 6.0/7.0
- Kaspersky Anti-Virus 6.0/7.0
- Kaspersky Anti-Virus for Windows Workstations 6.0
- Kaspersky Anti-Virus 6.0 for Windows Servers
These products are vulnerable only when run on the following OSs:
- Windows NT
- Windows 2000
- Windows 2003 x86
- Windows XP x86
Products running on other Microsoft OS are not affected by this issue.
This vulnerability is classified as low risk because of its local nature: the user has to manually launch the exploit on his computer. Exploiting the vulnerability results in a critical system error (BSOD) but does not escalate privileges or provide a remote user with control over the computer.
A patch will be issued for this vulnerability in the very near future. The patch will install itself automatically. Additional information will be provided about patch release.
