My Humble Blogworld

To be, or not to be: that is the question: Whether 'tis nobler in the mind to suffer The slings and arrows of outrageous fortune" William Shakespeare, "Hamlet" (1600-01)

Tuesday, June 07, 2005

Kaspersky Privilege Escalation

Users of Kaspersky ! Here is something to take note. Yet another "unpatched" vulnerability.
This time around its with the Kaspersky Labs Antivirus Program.

Those who are running Kaspersky Antivirus on Windows 2000, you're affected. A vulnerability was identified in Kaspersky AntiVirus, which can be exploited by attackers to execute privilege escalation attacks. This flaw is due to a bug in the "klif.sys" driver where insecure functions calls are made from the user level, which may be exploited by local users to execute arbitrary commands with kernel privileges .

This leads to my theory, which i repeat time, and time again. An antivirus, is JUST and antivirus. It ain't a god sent program ! Often end-users are made to think, "If you've got an antivirus, then you're all fine buddy !" ... Now... Think again.

PoC Code

0 Comments:

Post a Comment

<< Home

: Name: Srimadhava; Location: Kuala Lumpur, WP, Malaysia

"As a reformed hacker, I now evangelize on Ethical means of Hacking." I am a humble person who enjoys dwelling into the wonderful world of computer security ! If you have a desire to learn you will find me a willing teacher, if you have something to teach you will find me a willing student. The Hamlet saying "To be or not to be" used to represent me very well.. I used to be a confused child ! No more !

View my complete profile