Talos has discovered multiple vulnerabilities in Kaspersky’s Internet Security product which can be used by an attacker to cause a local denial of service attack or to leak memory from any machine running Kaspersky Internet Security software.
The vulnerabilities affect Kaspersky Internet Security 16.0.0, KLIF driver version 10.0.0.1532, but may affect other versions of the software too. Since anti-virus software runs with low level privileges on any system, vulnerabilities in these software are potentially very interesting for attackers. Although these vulnerabilities are not particularly severe, administrators should be aware that security systems can be used by threat actors as part of an attack, and keep such systems fully patched.
Vulnerabilities discovered by Piotr Bania and Marcin ‘Icewall’ Noga of Cisco Talos.