Kaspersky Lab: Antivirus Software and Free Online Virus Scan
  

Products & Services

eStore

Threats

Downloads

Support

Partners

About Us

About Us

Low-risk vulnerability in kl1.sys driver is closed

 
Home / About Us / Corporate News / Updates News  
 

Kaspersky Lab announces that it has patched a low-risk vulnerability in the kl1.sys driver that was found by iDefence.

The kl1.sys driver failed to properly perform a buffer size check. Malicious code executed locally could exploit a stack-based buffer overflow to execute arbitrary malicious code in the kernel.

This vulnerability affected the following Kaspersky Lab products for Windows:

  • Kaspersky Anti-Virus 6.0 and 7.0
  • Kaspersky Internet Security 6.0 and 7.0
  • Kaspersky Anti-Virus 6.0 for Windows Workstations

Early notification by iDefence enabled Kaspersky Lab to correct the kl1.sys driver code and patch the vulnerability.

The relevant patch is available to all users of vulnerable products via the built-in automatic updating module.

For more information, please visit the iDefence website: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704.

  06.03.2008  

 



Kaspersky Anti-virus Logo
Copyright © 1997 - 2009 Kaspersky Lab

Industry-leading Antivirus Software

Site map  |   Privacy  |  Contact us  |  Send us a suspected virus