Kaspersky security software detects vulnerabilities that can be exploited

Source: Internet
Author: User

Kaspersky security software detects vulnerabilities that can be exploited


Google's Project Zero security team published a blog saying that the Russian security company Kaspersky's anti-virus software has discovered multiple serious vulnerabilities, ranging from network intrusion detection, SSL interception, and file scanning, integrate with browsers and enhance local privileges. Security researchers said that most of the problems are still not fixed, but Kaspersky has made progress, so he disclosed one of the most easily exploited high-risk vulnerabilities that affected Kaspersky versions earlier than September 7. The problem is related to decompressing the Thinstall container. When the anti-virus software detects a Thinstall container, it tries to extract the content for scanning, but it is found that the stack buffer overflow is easily triggered during the extraction process. Security researchers said that anti-virus software has the highest system permissions, and developers should have adhered to the highest possible security development standards to minimize the potential damage to the software.

This article permanently updates the link address:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.