| Home : March 10 2013 Computer News : Kaspersky acknowledges a bug that causes a system freeze |
|
Kaspersky acknowledges a bug that causes a system freeze |
March 10, 2013
Kaspersky Lab's Internet Security 2013 product contains a bug that can be exploited remotely, especially on local networks, to completely freeze the operating system on computers running the software.
The bug can be attacked by sending a specifically crafted IPv6 (Internet Protocol version 6) packet to computers running Kaspersky Internet Security 2013 and other Kaspersky products that have the firewall functionality, security researcher Marc Heuse said this week in an advisory published on the Full Disclosure mailing list.
"A fragmented packet with multiple but one large extension header leads to a complete freeze of the operating system," he said. "No log message or warning window is generated, nor is the system able to perform any task."
IPv6 support is enabled by default for network interfaces in Windows Vista and later, as well as in many Linux distributions and in Mac OS. IPv6 adoption on the Internet is relatively low at the moment so the number of computers that are publicly accessible over IPv6 is not very high. However, most computers are accessible over IPv6 on local networks and have local IPv6 addresses assigned to them by default.
To read this article in full or to leave a comment, please click here
Link: http://www.pcworld.com/article/2030244/kaspersky-acknowledges-a-bug-that-causes-a-system-freeze.html#tk.rss_all
|
|
|
|
|
