Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 are now fully compatible with Microsoft’s newest operating system. Read more

Free update: for users who already have a valid license and would like to download a Windows 7 compatible version, click here.

Low-risk vulnerability in kl1.sys driver is closed

Kaspersky Lab announces that it has patched a low-risk vulnerability in the kl1.sys driver that was found by iDefence.

The kl1.sys driver failed to properly perform a buffer size check. Malicious code executed locally could exploit a stack-based buffer overflow to execute arbitrary malicious code in the kernel.

This vulnerability affected the following Kaspersky Lab products for Windows:

Kaspersky Anti-Virus 6.0 and 7.0
Kaspersky Internet Security 6.0 and 7.0
Kaspersky Anti-Virus 6.0 for Windows Workstations

Early notification by iDefence enabled Kaspersky Lab to correct the kl1.sys driver code and patch the vulnerability.

The relevant patch is available to all users of vulnerable products via the built-in automatic updating module.

For more information, please visit the iDefence website: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704.

06.03.2008

Technical Support

Downloads

Home & Home Office

Products for Business

Services for Business

Kaspersky® Hosted Security

About Us

Partners

Site map|Privacy policy|Contact us|Send us a suspected virus