14 DAY TRIAL // Kaspersky has always been described as one of the top antivirus solutions and even it if usually manages to crush the competition, you have to keep an eye on the security reports released every once in a while. Today, security company Secunia published an advisory as a new glitch was discovered in the kilf.sys driver of Kaspersky Antivirus and Kaspersky Internet Security. Secunia rated the hole as "not critical" but it sustained it "can be exploited by malicious, local users to cause a DoS (Denial of Service)." The version affected by the flaw is 7.0 build 125 but other releases might be affected as well.
"The vulnerabilities are caused due to errors within klif.sys when handling the parameters of certain hooked functions. These can be exploited to cause a DoS by e.g. calling "NtCreateSection()", "NtUserSendInput()", "LoadLibraryA()", or other unknown SSDT entries with specially crafted parameters," Secunia wrote in the advisory. Kaspersky is currently working to resolve the issues so I think your software solution is not in danger due to these flaws.
In fact, the 'the absence of data checking in klif.sys driver' is not regarded as a "critical vulnerability" according to Kaspersky, "because this piece of code does not provide any benefits for malware writers". However, Kaspersky Labs struggle to patch the bug as soon as they can in order to keep your information secure from attackers.
Also, rootkit.com asserts that Kaspersky Anti-Virus and Kaspersky Internet Security are affected by a DuplicateHandle issue. Kaspersky asserted that this problem is actually not a flaw but simple code and continued to praise its antivirus for being one of the best security solutions currently on the market.
"Kaspersky Lab does not consider this to be a vulnerability: it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms. As a matter of fact, according to test results, Kaspersky self-defense capabilities are the most robust in the industry. While we are continually improving our self-defense capabilities, we do prioritize issues balancing between security, degree of seriousness and probability of use," the parent company wrote in a statement published on its official page concerning the DuplicateHandle report.
Kaspersky is one of the antiviruses designed to work on Windows Vista, the latest version of the operating system powered by Microsoft. The software solution proved us several times that it is able to protect our computers and, even if it is affected by more or less critical vulnerabilities every once in a while, the tests conducted by most independent firms support this statement.
If you want to download and try Kaspersky's solution, check out the antivirus category listed on Softpedia.