Site Network: | | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

Kaspersky Antivirus - Remote hacker automatic denial of service

Version: 7.0 and prior.
Technical Details:

By sending malicious parameters to NtOpenProcess, it is possible to crash Kaspersky Antivirus, when it uses klif.sys to access the process. Ironically klif.sys is designed to prevent malicious software from arbitrarily closing or otherwise controlling Kaspersky Antivirus.


All current versions of Kaspersky Antivirus (including the upcoming 7.0) are vulnerable to an attack that will crash the software at any account level, preventing its use by authorised users. This may leave systems unprotected from further malware / virus infection attempts and result in a completely compromised system.


Consider the use of alternate antivirus solutions in a defence-in-depth approach to system and data security.


Not Yet Available



External Tracking Data:

Not Yet Identified

Social bookmark this page