First published: Mon Dec 02 2019(Updated: )
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products
Credit: vulnerability@kaspersky.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kaspersky Kaspersky Internet Security | =2019 | |
Kaspersky Kaspersky Internet Security | =2019-patch_f | |
Kaspersky Kaspersky Internet Security | =2019-patch_i | |
Kaspersky Kaspersky Internet Security | =2019-patch_j | |
Kaspersky Secure Connection | =3.0 | |
Kaspersky Secure Connection | =4.0 | |
Kaspersky Security Cloud | =2019 | |
Kaspersky Security Cloud | =2019-patch_i | |
Kaspersky Security Cloud | =2019-patch_j | |
Kaspersky Security Cloud | =2020 | |
Kaspersky Total Security | =2019 | |
Kaspersky Total Security | =2019-patch_f | |
Kaspersky Total Security | =2019-patch_i | |
Kaspersky Total Security | =2019-patch_j | |
Kaspersky Total Security | =2020 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.