Fortinet Discovers Kaspersky Self-Defence Bypass Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a security bypass issue in Kaspersky Internet Security 2017.
Kaspersky Internet Security (KIS) is an internet security suite developed by Kaspersky Lab compatible with Microsoft Windows and Mac OS X. KIS offers protection from malware, as well as email spam, phishing and hacking attempts, and data leaks.
The self-defense driver bypass issue has been discovered in Kaspersky Internet Security 2017. The bypass takes advantage of Application Verifier DLL side loading method in order to load arbitrary payload DLL into Kaspersky core services like AVP.exe, which in turn allows attackers to bypass Kaspersky protection completely.
Solutions
Users should apply the solution provided by Kaspersky.
Timeline
Fortinet reported the vulnerability to Kaspersky on June 27, 2017.
Kaspersky patched the vulnerability on July 25, 2017.