Security flaw discovered in the application

Jun 12, 2007 14:56 GMT

Kaspersky Antivirus, one of the most popular security solutions for our computers, has shown once again that it is hard to name any program the best in its category, after security companies discovered a vulnerability in its engine. Although security company Secunia rated it as not critical, it is a sign that our computers are not safe even if we have Kaspersky Antivirus installed on them. The security flaw affects multiple solutions designed by Kaspersky Labs, such as Kaspersky Internet Security 6.0 / 7.0, Kaspersky Anti-Virus 6.0 / 7.0, Kaspersky Anti-Virus for Windows Workstations 6.0 and Kaspersky Anti-Virus 6.0 for Windows Servers, all of them for Windows NT, Windows 2000, Windows 2003 x86, and Windows XP x86.

"EP_X0FF has reported some vulnerabilities in Kaspersky AntiVirus, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within klif.sys when handling the parameters of a hooked function. This can be exploited to cause a DoS by calling 'NtOpenProcess()' with a specially crafted parameter," Secunia said in the advisory.

The only solution is to block or restrict the access of unknown users to the affected systems and wait until the parent company releases an updated version or at least a patch.

Kaspersky Antivirus is often described as the best antivirus solution on the Internet because it provides the best features bundled with low requirements. I agree that Kaspersky is one of the top antivirus tools, but the term "the best" is not adequate for a security solution as long as most of them are affected by more or less critical vulnerabilities. Besides Kaspersky, Symantec was one of the most affected security companies, as a lot of its products were the subject of security notifications with critical flaws.