The German security agency BSI has issued a warning about a security flaw in the Kaspersky antivirus, recommending that users install the latest patches as soon as possible.
The announcement (is available here in German), does not provide details on whether any exploit is currently circulating on the internet exploited by fraudsters. BSI generally warns that malicious users could send an email containing a malicious file their goals, and that this file "should not be opened" under any circumstances.
The security gap reported by BSI is recognized as CVE-2019-8285 and Kaspersky has been fixing it since last month.
The patch has already been released through Kaspersky's built-in product information system, so if automatic updates are enabled in the application you are using, your device should already be up to date and secure.
“Kaspersky Lab has fixed a security issue (CVE-2019-8285) in its products that could allow third parties to remotely run arbitrary code on a user's computer with administrative rights. THE security update was installed on Kaspersky Lab customers on April 4, 2019 through product updates,” Kaspersky said on May 8.
"This problem was classified as a buffer overflow vulnerability (buffer overflow vulnerability). The destruction of memory during duration of JS file detection could lead to the execution of arbitrary code on the victim's system.”
What can I do; I use her antivirus Kaspersky
If you use the company's software, and you haven't updated it, it would be a good idea to update it immediately, from settings of the application.
______________
- Microsoft vs Google: Why browsers' war does not focus on privacy
- How much personal data do companies collect?
- Chinese hackers used the NSA tools before Shadow Brokers leaked
- WinRAR running malicious code from the application
