Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Kaspersky Antivirus Crash Vulnerable - Article

23 Aug 2009   #1

Kaspersky Antivirus Crash Vulnerable - Article

Kaspersky Antivirus Crash Vulnerable

DOS exploit found in Kaspersky Internet Security 2010 and Kaspersky AntiVirus 2010

A recent security report from Maksymilian Arciemowicz presented on the SecurityReason website details how remote users could crash PCs running Kaspersky-owned products. Pointing the antivirus to parse a URL, the users' CPU can be tricked to consume excessive resources and eventually crash.

The vulnerability affects Kaspersky Internet Security 2010 antivirus and its brother, the Kaspersky Antivirus 2010 version. The exploit was discovered on August 18th 2009, Kaspersky not being able to release a security update patch to this problem at the time when this article was written (check for updates at the bottom of the page).

The problem with these two antivirus versions appears when parsing a URL address. Using a lot of consecutive dots inside the address, the Kaspersky native avp.exe process will soar CPU usage up to 100%. At first, traffic via the browser will get blocked, and eventually, if enough consecutive dots have been passed inside the URL address, the computer will crash.

This exploit can be used inside HTML files, as normal href values or as img image sources. It will also work inside HTML email bodies. The code can be used remotely, and will lead to a denial-of-service that could alter computer hardware or software.

According to Maksymilian Arciemowicz, “The main problem exists in parsing url addresses […] Relativistic time to return to normal behavior is very long. In practice, when we give a large number of dots, kaspesky will not return to normal behavior.” He also added that, “This example will denial access to the browser and other kaspersky operations […] The user who executed the code above, will be deprived of the possibility of browsing and successive reset the Kaspersky.”

SecurityReason has classified this DOS attack vulnerability as a medium threat to PC users. Details and code exploit examples can be found at this link.
Source: Softpedia

My System SpecsSystem Spec
23 Aug 2009   #2

64-bit Windows 8.1 Pro

Quote   Quote: Originally Posted by Sassa View Post
Source: Softpedia
Yet another reason to avoid Kaspersky products like the black plague!!
My System SpecsSystem Spec

 Kaspersky Antivirus Crash Vulnerable - Article

Thread Tools

Similar help and support threads
Thread Forum
Cannot uninstall kaspersky antivirus
I've always been a BIG fan of Revo Uninstaller Pro. Revo has always been very good in regard to removing software, at least for me. HOWEVER, this evening was an exception. I was trying to remove a Kaspersky Antivirus program with Revo and, somehow, the uninstall was premature and apparently not...
System Security
Kaspersky AntiVirus 2011 not able to setup
Hi, I bought Kaspersky AntiVirus 2011 recently. I am able to to install the software sucessufully. But could not set it up the registration key. How should I do it? After installing the product, the set up window is not popping up. I use Windows XP PC. Thanks for your time. Vishwanath
System Security
Comodo AntiVirus or Kaspersky AntiVirus
Which of these is better? I'm currently using Kaspersky AV plus Comodo Firewall as noted in my sig.
System Security
kaspersky antivirus
should i use a anti spyware with this software or is kaspersky antivirus good enought
System Security
Kaspersky Lab patents hardware antivirus
more reads: Kaspersky Lab patents cutting-edge hardware antivirus solution Kaspersky Patents Hardware-Based Antivirus - Reviews by PC Magazine Kaspersky Patents Hardware-Based Antivirus - Yahoo! News Enjoy ;)
System Security
New Zone Alarm with Kaspersky Antivirus available
I've been beta testing ZA on 7 and it seems to me that Checkpoint has gotten everything correct. Right now, I'm downloading a brand new beta release version. Should be good since the one I'm using now is. Download here, but you have to quickly register first. Don't worry about minimum...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:44.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App