In association with heise online

25 August 2009, 10:26

Kaspersky confirm and close DoS vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The recently reported vulnerability to malformed URLs which could cause a denial of service with Kaspersky products has been closed. According to a statement from Kaspersky, the problem was caused by a faulty signature in Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 – "When parsing URL addresses formed in a certain way, including URLs in email messages, CPU usage could reach 100 per cent and block all web traffic."

The company has already corrected the faulty signature in a database update and says that it had no reported instances of system failure caused by the error while it was present in the database. It goes on to say that "had this vulnerability been exploited by cybercriminals, nothing more serious would have happened than the computer hanging" but that it is "constantly perfecting" its quality assurance processes.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit