卡巴斯基的官方回应
前一段日子Rootkit.com 发表了关于卡巴斯基存在巨大漏洞的文章,得到卡巴斯基的官方回应!
Faulty data processing in klif.sys driver
<关于klif.sys驱动文件中错误数据处理问题的说明>
On September 12, 2007, Rootkit.com published a report regarding two vulnerabilities affecting product operation in Kaspersky Lab products for Windows (view report).
<Rootkit.com网站于2007年9月12日发表了一份关于2个漏洞缺陷会影响到卡巴斯基实验室Windows版产品操作的报告>
This is not the first time that this author has failed to notify us about a vulnerability before making it public, despite the fact that notifying the vendor first is de facto an industry standard.
<尽管向制造商第一时间汇报反馈为业界之不诤的共识;然而该文作者已不止一次地在报告漏洞问题上犯马后炮的失误了。>
The article describes the following situations:
<文章大体叙述如下情况:>
The absence of data checking in klif.sys driver may result in a critical system error (BSOD) when malicious code is executed locally.
Kaspersky Lab does not regard this vulnerability as critical because this piece of code does not provide any benefits for malware writers. Exploiting this vulnerability draws attention to the presences of malware in the system, but it can neither be exploited from a remote computer nor does it enable privilege escalation for the attacker. However, the code in which the vulnerability was found is outdated – it is not needed on contemporary computer systems, therefore we are removing this code from our products.
<Kiif.sys驱动文件在数据校验过程中的缺失可能会当恶意代码本地执行时造成严重系统错误(蓝屏)。卡巴斯基实验室认为这不是严重级别的漏洞,因为这段代码对恶意程序编写者无利可求。虽然可能会吸引恶意程序的注意来攻击该漏洞;但是它既不可能被远程主机攻击,而且即便提升黑客权限,攻击也不能得逞。发现漏洞的那段代码已是明日黄花--对于当下的计算机系统它没有存在的必要;因此我们正着手把它从产品中删除。>
网友评论