3 vulnerabilities fixed in Kaspersky Anti-Virus for Workstation, File Server version 6.0

Pertains to the following components:

  • Kaspersky Anti-Virus for Workstations
  • Kaspersky Anti-Virus for File Server

Vulnerabilities fixed:

  • Kaspersky AV Library Remote Heap Overflow
  • klif.sys Heap Overflow Vulnerability
  • KLIF Local Privilege Escalation Vulnerability

Kaspersky AV Library Remote Heap Overflow [1]

This vulnerability affects systems running the Kaspersky Anti-Virus Engine. User interaction is not required to exploit it.

The On-Demand Scanner incorrectly parses specially crafted ARJ archives inside the arj.ppl module, which results in a memory overrun. Most often the product simply crashes, but the corruption can potentially be exploited to execute arbitrary code without user interaction. Any product that uses arj.ppl is vulnerable.

klif.sys Heap Overflow Vulnerability [2]

Locally executed code can write specially crafted values to the registry that hang the klif.sys driver, part of the proactive protection. The driver hooks and screens certain system calls, including registry functions. One of the hook functions is vulnerable to an integer overflow that leads to a kernel heap overflow: if a large unsigned value is passed as the data size argument, an arithmetic overflow occurs when the amount of memory to allocate is calculated. The subsequent copy operation into this undersized buffer corrupts kernel paged pool memory.
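The size-calculation flaw described above, modelled in user-mode C as an added example (this is constructed illustration, not the driver's code): the unchecked path wraps a large size to a tiny allocation, while the checked path rejects any size whose sum with the header length would overflow. The header length and function names are assumptions.

```c
/* Model of the klif.sys size-calculation flaw: a caller supplies an unsigned
 * data size, the hook adds a fixed header length, allocates that many bytes
 * and copies the data in.  All names and constants here are constructed for
 * illustration; they are not the driver's real code. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>

#define HOOK_HDR_LEN 16u   /* hypothetical fixed header prepended to the value */

/* Vulnerable arithmetic: size + header wraps when size is near UINT32_MAX,
 * so the pool allocation is far smaller than the copy that follows. */
uint32_t alloc_size_unchecked(uint32_t data_size) {
    return data_size + HOOK_HDR_LEN;
}

/* Hardened arithmetic: reject any size whose sum would wrap.
 * Returns false (and leaves *out untouched) on overflow. */
bool alloc_size_checked(uint32_t data_size, uint32_t *out) {
    if (data_size > UINT32_MAX - HOOK_HDR_LEN)
        return false;
    *out = data_size + HOOK_HDR_LEN;
    return true;
}

/* Simulated hook handler using the checked path: allocate, copy, free.
 * Returns 1 on success, 0 if the size was rejected or allocation failed. */
int handle_set_value_checked(const uint8_t *data, uint32_t data_size) {
    uint32_t total;
    if (!alloc_size_checked(data_size, &total))
        return 0;                      /* would have wrapped: refuse */
    uint8_t *buf = malloc(total);
    if (!buf)
        return 0;
    memset(buf, 0, HOOK_HDR_LEN);      /* header region */
    memcpy(buf + HOOK_HDR_LEN, data, data_size);
    free(buf);
    return 1;
}
```

With the checked variant the oversized request is refused before any allocation, which is the fix shape a driver needs for every length it derives from caller-controlled input.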

KLIF Local Privilege Escalation Vulnerability

This vulnerability allows locally executed code to obtain Ring-0 privileges through unsafe code in klif.sys. It requires the user to execute code: the vulnerability is local, so the attacker's code must first be present on the user's computer.

All of these vulnerabilities have been fixed in version 6.0.


[1] Kaspersky would like to thank an anonymous researcher working with TippingPoint (www.tippingpoint.com) and the Zero Day Initiative (www.zerodayinitiative.com) for reporting this issue.

[2] Kaspersky would like to thank iDefense (http://labs.idefense.com) for reporting this issue.

04.04.2007