=====================================================================
                                    CERT-Renater

                         Information Note No. 2008/VULN208
_____________________________________________________________________

DATE                      : 05/06/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Kaspersky Anti-Virus,
                               Kaspersky Internet Security.

======================================================================
http://www.kaspersky.com/technews?id=203038727
______________________________________________________________________

Low-risk vulnerability in kl1.sys driver is closed

Kaspersky Lab announces that it has patched a low-risk vulnerability in
the kl1.sys driver that was found by iDefense.

The kl1.sys driver failed to properly perform a buffer size check.
Malicious code executed locally could exploit a stack-based buffer
overflow to execute arbitrary malicious code in the kernel.

This vulnerability affected the following Kaspersky Lab products for
Windows:

     * Kaspersky Anti-Virus 6.0 and 7.0
     * Kaspersky Internet Security 6.0 and 7.0
     * Kaspersky Anti-Virus 6.0 for Windows Workstations

Early notification by iDefense enabled Kaspersky Lab to correct the
kl1.sys driver code and patch the vulnerability.

The relevant patch is available to all users of vulnerable products via
the built-in automatic updating module.

For more information, please visit the iDefense website:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704.


======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================





