Researchers reveal Kaspersky and FireEye zero-day flaws

Russian anti-virus firm has already patched, while FireEye struggles to reach researchers

Major vulnerabilities in products from Kaspersky Lab and FireEye could allow malicious actors to break into users' computers.

The issues have been found and disclosed over the weekend by two security researchers.

Tavis Ormandy, of Google, discovered a vulnerability that he described as "a remote, zero interaction SYSTEM exploit in default config. So, about as bad as it gets", and said it "works great on [versions] 15 and 16". The bug could apparently be easily used by hackers to compromise Kaspersky customers' systems.

In a statement, Kaspersky Lab told IT Pro: "We would like to thank Mr. Tavis Ormandy for reporting to us a buffer overflow vulnerability, which our specialists fixed within 24 hours of its disclosure. A fix has already been distributed via automatic updates to all our clients and customers."

"Kaspersky Lab has always supported the assessment of our solutions by independent researchers. Their ongoing efforts help us to make our solutions stronger, more productive and more reliable," the company concluded.

A total four FireEye flaws were discovered by independent information security consultant Kristian Erik Hermansen. In the case of the one he made public, an unauthorised remote root file system access vulnerability could allow hackers to leak sensitive company files.

Hermansen revealed the vulnerability on Sunday, claiming FireEye had no facility for reporting bugs.

"Regrettably, Hermansen published proof-of-concept code showing how the vulnerability could be triggered," said Graham Cluley, also a security researcher. "All [four] are said to be up for sale."

In a statement, FireEye told IT Pro: "We appreciate the efforts of security researchers like Kristian Jermansen and Rom Perrise to find potential security issues and help us improve our products, but always encourage responsible disclosure."

"FireEye has a documented policy for researchers to responsibly disclose and inform us of potential security issues. We have reached out to the researchers regarding these potential security issues in order to quickly determine, and potentially remediate, and impacts to the security of our platforms," the company added.

This article was originally published on 7 September and updated on 8 September with a statement from FireEye.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

SonicWall hacked via zero-day flaw in remote access tools
Security

SonicWall hacked via zero-day flaw in remote access tools

25 Jan 2021
Global ransom DDoS extortionists are retargeting companies
distributed denial of service (DDOS)

Global ransom DDoS extortionists are retargeting companies

22 Jan 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

22 Jan 2021
Hackers publish over 4,000 files stolen from SEPA in ransomware attack
Security

Hackers publish over 4,000 files stolen from SEPA in ransomware attack

22 Jan 2021

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is the Raspberry Pi Pico?
Hardware

What is the Raspberry Pi Pico?

21 Jan 2021
WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021