Kaspersky Lab confirmed Tuesday that a potentially serious flaw exists in its antivirus software, but said a fix is on the way. The security software maker said it had offered preliminary protection to customers last week and that a permanent patch will be available on Wednesday. Kaspersky also said that the vulnerability is limited to Microsoft Windows-based versions of its products. Additionally, while it does license the vulnerable component to some third parties, most partner products that use Kaspersky code are not affected, the Moscow-based company said in a statement. Kaspersky issued the statement in response to a report on Monday of a flaw in its antivirus library. An attacker could exploit the heap overflow vulnerability to commandeer systems that run Kaspersky's products, security researcher Alex Wheeler wrote in an advisory. Read the rest of the article at News.com.
just goes o show nothing is perfect, and never will be..... i mean security software needing a security fix!