What I did is open up KIS, click on settings, click on anti hacker, enable the firewall and click on settings (for the firewall). I have KIS 6 and vista and have never been able to get Firefox and KIS to work together until now. We’d like to thank Ronald Eikenberg for reporting this to us.I'm no computer expert but this worked for me. Nevertheless, we are constantly working on improving our technologies and products, resulting in a change in this process. This change was made after Ronald Eikenberg reported to us that using unique identifiers for the GET requests can potentially lead to the disclosure of a user’s personal information.Īfter our internal research, we have concluded that such scenarios of user’s privacy compromise are theoretically possible but are unlikely to be carried out in practice, due to their complexity and low profitability for cybercriminals. Kaspersky has changed the process of checking web pages for malicious activity by removing the usage of unique identifiers for the GET requests.
To prevent Kaspersky's antivirus to inoculate the problematic Javascript script-which it does by default-we recommend to manually uncheck it in the software settings, depending of course on how you feel about being spied upon.īelow is Kaspersky Labs' response to our story:
Last month, Kaspersky issued a patch which gives the same identifier for all the users of a specific version of the Russian company's antivirus software (Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security) which still allows a malicious hacker to know that an antivirus software is installed on the machine and whether the version has already been patched against the ID leak-which is still very valuable information for an attacker.
"At this point, it was clear that this was a serious security issue." "Even the incognito mode did not offer any protection against the Kaspersky-infused tracking," added Eikenberg. Furthermore, Eikenberg also found out that Kaspersky's servers were injecting a unique identifier into the HTML source code of the visited Web page that not only identifies a particular user but also the computer used.
0 kommentar(er)
