Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Kaspersky Antivirus Crash Vulnerable - Article

23 Aug 2009   #1

Kaspersky Antivirus Crash Vulnerable - Article

Kaspersky Antivirus Crash Vulnerable

DOS exploit found in Kaspersky Internet Security 2010 and Kaspersky AntiVirus 2010

A recent security report from Maksymilian Arciemowicz presented on the SecurityReason website details how remote users could crash PCs running Kaspersky-owned products. Pointing the antivirus to parse a URL, the users' CPU can be tricked to consume excessive resources and eventually crash.

The vulnerability affects Kaspersky Internet Security 2010 antivirus and its brother, the Kaspersky Antivirus 2010 version. The exploit was discovered on August 18th 2009, Kaspersky not being able to release a security update patch to this problem at the time when this article was written (check for updates at the bottom of the page).

The problem with these two antivirus versions appears when parsing a URL address. Using a lot of consecutive dots inside the address, the Kaspersky native avp.exe process will soar CPU usage up to 100%. At first, traffic via the browser will get blocked, and eventually, if enough consecutive dots have been passed inside the URL address, the computer will crash.

This exploit can be used inside HTML files, as normal href values or as img image sources. It will also work inside HTML email bodies. The code can be used remotely, and will lead to a denial-of-service that could alter computer hardware or software.

According to Maksymilian Arciemowicz, “The main problem exists in parsing url addresses […] Relativistic time to return to normal behavior is very long. In practice, when we give a large number of dots, kaspesky will not return to normal behavior.” He also added that, “This example will denial access to the browser and other kaspersky operations […] The user who executed the code above, will be deprived of the possibility of browsing and successive reset the Kaspersky.”

SecurityReason has classified this DOS attack vulnerability as a medium threat to PC users. Details and code exploit examples can be found at this link.
Source: Softpedia

My System SpecsSystem Spec
23 Aug 2009   #2

64-bit Windows 8.1 Pro

Quote   Quote: Originally Posted by Sassa View Post
Source: Softpedia
Yet another reason to avoid Kaspersky products like the black plague!!
My System SpecsSystem Spec

 Kaspersky Antivirus Crash Vulnerable - Article

Thread Tools

Similar help and support threads
Thread Forum
Cannot uninstall kaspersky antivirus
I've always been a BIG fan of Revo Uninstaller Pro. Revo has always been very good in regard to removing software, at least for me. HOWEVER, this evening was an exception. I was trying to remove a Kaspersky Antivirus program with Revo and, somehow, the uninstall was premature and apparently not...
System Security
Comodo AntiVirus or Kaspersky AntiVirus
Which of these is better? I'm currently using Kaspersky AV plus Comodo Firewall as noted in my sig.
System Security
kaspersky antivirus
should i use a anti spyware with this software or is kaspersky antivirus good enought
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 00:21.
Twitter Facebook Google+