Posts Tagged ‘Kaspersky Internet Security 2013’

Seclists.org

Kaspersky Internet Security 2013 serious vulnerability

The new version of the software Kaspersky Internet Security 2013 contains a vulnerability that can trigger remote to completely paralyze the target computer.

Bug manifests itself in an attack by a specially crafted packet to the IPv6 protocol and sending it to the built-in firewall, which is part of a new product Kaspersky Lab.

Independent experts say that the bug also occurs in other products of the company with a built-in firewall.

According to Seclists.org, if a potential attacker sends over the network to the victim machine network packet format IPv6, and in the package there is a fragment header larger than the standard, it is fully “hangs” firewall, the product and the computer with them. Moreover, experts say that the product and the computer hang even before Internet Security 2013 has time to log a warning about the “wrong” IP-package and system logs antivirus does not leave any traces of the attack. (more…)