"By sending a computer running Kaspersky Internet Security 2013 a specially crafted IPv6 packet, attackers can cause the operating system to hang."
A bug in Kaspersky Internet Security 2013 can cause the host operating system to lock up when the machine receives a specially crafted IPv6 packet.
Posting on the Full Disclosure mailing list earlier this week, security consultant Marc Heuse said that if IPv6 connectivity to the target machine was possible, an attacker could send a specially crafted packet that would result in a denial of service.
"A fragmented packet with multiple but one large extension header leads to a complete freeze of the operating system. No log message or warning window is generated, nor is the system able to perform any task," he wrote.
At the time, Heuse said that the only solution was to remove the offending part of the product, or uninstall it in its entirety.
According to Heuse, he had previously reported the bug to Kaspersky on January 21, and again on February 14.
Continued: http://www.zdnet.com/rare-kaspersky-bug-locks-up-operating-system-7000012227/