The German security service BSI has issued a security alert for Kaspersky antivirus, advising users to install the latest patches as soon as possible.
The announcement (is available here in German), does not provide details on whether any exploit is currently circulating on the internet exploited by fraudsters. BSI generally warns that malicious users could send an email containing a malicious file their goals, and that this file "should not be opened" under any circumstances.
The security gap reported by BSI is recognized as CVE-2019-8285 and Kaspersky has been fixing it since last month.
The patch has already been released through Kaspersky's built-in product information system, so if automatic updates are enabled in the application you are using, your device should already be up to date and secure.
"Kaspersky Lab has fixed a security issue (CVE-2019-8285) in its products that could allow third parties to run arbitrary code remotely on the computer of a user with administrator privileges. "The security update was installed on Kaspersky Lab customers on April 4, 2019 through product updates," Kaspersky said on May 8.
"This problem was classified as a buffer overflow vulnerability (buffer overflow vulnerability). "Memory corruption while scanning JS files could lead to arbitrary code execution on the victim's system."
What can I do; I use her antivirus Kaspersky
If you are using the company's software, and you have not updated it, it would be good to update it immediately, from the application settings.