Kaspersky compromised by another security breach

Filed under
Security

Security researchers have uncovered another serious breach in Kaspersky's Anti-Virus Engine (KAV), while at the same time Computer Associates has warned of a serious unpatched bug in its iGateway software.

The Kaspersky bug, disclosed by iDefense, affects the component of KAV used to parse CHM files. In Linux versions of KAV, a corrupt CHM file can trigger a buffer overflow and allow malicious code execution, with no user interaction required.

Full Story.