14 DAY TRIAL // The Kaspersky Internet Security is a pack of utilities that contains antivirus, anti-spam tools and a powerful firewall able to protect the computer against Internet attacks. Because it is meant to defend us against computer attacks, I must tell you the application is not as safe as its users expected it to be because it contains a security flaw that can allow an attacker to control an affected system. A recently reported vulnerability informs us about a vulnerability discovered in Kaspersky Internet Security able to stop the protection system and enable a hacker to execute malicious files with administrator privileges.
"The klif.sys driver is part of the "anti-hacker" proactive protection. As part of this defense, the driver hooks and screens various system calls, such as registry functions. The hook function for the _NtSetValueKey() function is vulnerable to an integer overflow that leads to a kernel heap overflow. Passing a large unsigned value for the data size argument results in an arithmetic overflow when calculating the amount of memory to allocate. A copy operation into this buffer results in corruption of kernel memory," iDefense Labs sustained in a security advisory.
The vulnerability was confirmed in the 6.0.1.411 version of Kaspersky Internet Security suite but the flaw might also affect previous versions of the application. If you want to avoid a successful exploitation of the vulnerability, it is recommended to update to the latest release of the product, available on Softpedia. In the past, the programs developed by Kaspersky Labs encountered similar problems but some of them were quickly fixed by the company. The best example is represented by an update issue in Kaspersky Antivirus that blocked users' attempt to update the product and made the computer vulnerable to the latest Internet threats.