The new version of the software Kaspersky Internet Security 2013 contains a vulnerability that can trigger remote to completely paralyze the target computer.
Bug manifests itself in an attack by a specially crafted packet to the IPv6 protocol and sending it to the built-in firewall, which is part of a new product Kaspersky Lab.
Independent experts say that the bug also occurs in other products of the company with a built-in firewall.
According to Seclists.org, if a potential attacker sends over the network to the victim machine network packet format IPv6, and in the package there is a fragment header larger than the standard, it is fully “hangs” firewall, the product and the computer with them. Moreover, experts say that the product and the computer hang even before Internet Security 2013 has time to log a warning about the “wrong” IP-package and system logs antivirus does not leave any traces of the attack.
Recall that the support of the network protocol IPv6 has been introduced in the Windows family of operating from Vista. Also, it is present in Linux and Mac OS X.
Mark Heuss, independent expert, says he first discovered the bug to Kaspersky Internet Security 2013 in January and 21st, and February 14 to resend the data to the Russian antivirus company, but it shall not reply. Today, data about a bug appeared in the public domain, as well as the exploit to generate fake IPv6-packets.
In “Kaspersky Lab” reported that they had received information about a bug and has already released a patch to fix the problem, but the patch is not yet enrolled in avtoapdeytov and available in the “on demand.” For all users, it will be available “soon.” The company also reported that the bug is not used in the conduct of real attacks and has a very limited distribution.
More technical details are available at http://seclists.org/fulldisclosure/2013/Mar/36