Workflow:
1. Check that the driver is not present in the system directory (trying to open it in notepad)
2. Run the exploit. You are prompted to install the driver of Kaspersky. Inactivity (ie, do not agree)
3. Try to open driver file via notepad again and voila: the driver is installed!
Vulnerable: Kaspersky Crystal 12.0.1.228, KIS/KAV 2012, KIS/KAV 2011; other versions may also be affected.
Technical details won't be disclosed until I contact with Kaspersky Lab staff.
Original post in Russian
1. Check that the driver is not present in the system directory (trying to open it in notepad)
2. Run the exploit. You are prompted to install the driver of Kaspersky. Inactivity (ie, do not agree)
3. Try to open driver file via notepad again and voila: the driver is installed!
Vulnerable: Kaspersky Crystal 12.0.1.228, KIS/KAV 2012, KIS/KAV 2011; other versions may also be affected.
Technical details won't be disclosed until I contact with Kaspersky Lab staff.
Original post in Russian
Комментариев нет:
Отправить комментарий