OREANDA-NEWS. On October 09, 2007 Kaspersky Lab, a leading developer of secure content management solutions, announced the release of a new version of the free Kaspersky Online Scanner, which scans user computers for malicious programs, reported the press-centre of Kaspersky Lab.

Kaspersky Online Scanner version 5.0.98.0 corrects the high-risk vulnerability KLV07-09 (CVE-2007-3675). Insufficient control of input parameters in the ActiveX component of Kaspersky Online Scanner version 5.0.93.1 and earlier versions could result in a buffer overflow which could potentially enable an attacker to execute malicious code on a user’s computer.

The vulnerability was discovered by Stephen Fewer of Harmony Security working with the VeriSign iDefense VCP. Kaspersky Lab would like to thank the experts from Harmony Security and iDefence for providing information about the vulnerability, making it possible to eliminate the threat before it could be exploited.

Kaspersky Lab strongly recommends that all Kaspersky Online Scanner users install the new version of the application, which is available at http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html.