Kaspersky security software detects vulnerabilities that can be exploited
Google's Project Zero security team published a blog saying that the Russian security company Kaspersky's anti-virus software has discovered multiple serious vulnerabilities, ranging from network intrusion detection, SSL interception, and file scanning, integrate with browsers and enhance local privileges. Security researchers said that most of the problems are still not fixed, but Kaspersky has made progress, so he disclosed one of the most easily exploited high-risk vulnerabilities that affected Kaspersky versions earlier than September 7. The problem is related to decompressing the Thinstall container. When the anti-virus software detects a Thinstall container, it tries to extract the content for scanning, but it is found that the stack buffer overflow is easily triggered during the extraction process. Security researchers said that anti-virus software has the highest system permissions, and developers should have adhered to the highest possible security development standards to minimize the potential damage to the software.
This article permanently updates the link address: