0 Записи
We found results matching "0" in 0 ms

Kaspersky Security Bug Caused Some Errors

Dec. 19, 2019

A security issue discovered in Kaspersky Secure Connection and found in several other Kaspersky security products allows a malicious actor to receive signed code execution, persistence and even forgery in case of more complex attacks.


The vulnerability described in CVE-2019-15689 allows hackers to execute an unsigned executable from a signed version that starts as NT AUTHORITY / SYSTEM and technically opens the door to new malicious activities on the compromised device.


SafeBreach declares that Kaspersky Secure Connection, which is included in Kaspersky Antivirus, Kaspersky Internet Security, Kaspersky Total Security and other packages, uses a service executed with SYSTEM privileges and whose executable is signed by "AO Kaspersly Lab".


If the attacker finds a way to execute code in this process, it can be used to skip the white list of applications, which security products can skip.


And since the service runs at startup, a potential attacker can persist even during startup to execute a malicious load.


Extensive analysis has shown that the Kaspersky service is trying to load a series of DLL files, some of which are missing. Since the security software does not use signature verification, it was easy to hide an unsigned executable as signed. In addition, the Kaspersky service does not use secure DLL loading, that is, it uses only the name of the DLL file and not an absolute path.


SafeBreach, which has also discovered security holes in other security products, explains that the attacker must have administrator rights on the target device.


The error was reported to Kaspersky in July 2019 and the security company launched CVE-2019-15689 on November 21.


Antivirus software will inevitably have some bugs, and Kaspersky is no exception. Nevertheless, Kaspersky is still an excellent and well-reviewed antivirus software, such as Kaspersky Total Security, which is available on bzfuture.


Bzfuture shares software news and advice on big data software and platforms. Don't forget to keep an eye on our weekly newsletter for more information.Get all the software products you need from the bzfuture online retail store. Connect with our customer service online.

Последние новости: Kaspersky Online Protection API is vulnerable to website abuse

Следующая новость: Microsoft Promises to Fix Windows 10 Corruption

ЗакрытьДобро пожаловать в Bzfuture Вход.

Еще не зарегистрировались ?   Sign Up Now

Войти с помощью сторонней учетной записи:

Open the bzfuture APP

Scan The code to login

ЗакрытьДобро пожаловать в w8games регистрацию

  • Адрес электронной почты*

    Please enter a valid Email.

  • Mobile Phone*

    Please enter a valid mobile phone.

  • Verification Code*

    Get Verification Code

    The code will be invalid in 5 minutes

  • Пароль*

    5 to 16 letters, numbers, and special characters.

  • Подтвердить пароль*

  • Имя* Фамилия*

  • Я прочитал и согласен с  
    Подписаться на Bzfuture Предложения, конкурсы и новости

Уже зарегистрированны в Bzfuture ?   Войти сейчас

Войти с помощью сторонней учетной записи

ЗакрытьЗабыли пароль

Закрыть

Prompt T698563:

The programe has been successfully submitted to the system

Закрыть

Prompt T698563:

The programe has been successfully submitted to the system

Закрыть

Prompt T698563:

The programe has been This is a warning ?

ЗакрытьSuccessful Registration

Click here to set up your User Center

CloseПроверка безопасности