Kaspersky Lab pushes emergency patch for critical vulnerability
Kaspersky Lab has released an emergency patch for some of its antivirus products after a security researcher found a critical vulnerability that could allow hackers to compromise computers.
The flaw was discovered by vulnerability researcher and Google security engineer Tavis Ormandy, who mentioned it Saturday on Twitter, before sending the bug’s details to Kaspersky.
Ormandy’s Twitter message included a screen shot showing the Windows calculator (calc.exe) running under the Kaspersky antivirus process.
It works great against versions 15 and 16, he said.
Versions 15 and 16 correspond to Kaspersky’s 2015 and 2016 product lines. It’s not clear if only Kaspersky Anti-Virus was affected or also the vendor’s Internet Security and Total Security products.