Security researchers have disclosed vulnerabilities that could be exploited by cyber attackers in products from Kaspersky Lab and FireEye.
Controversial Google security researcher Tavis Ormandy tweeted that he had tested a successful exploit of a vulnerability in Kaspersky Lab’s antivirus software.
Ormandy tweeted about the exploit on 5 September 2015, copying in Kaskpersky Lab Threatpost blogger Ryan Naraine, followed by a tweet the next day saying Kaspersky Lab was rolling out a fix.
Naraine responded to the second tweet by thanking Ormandy for his work, but the researcher has come under fire from other software suppliers in the past for premature vulnerability disclosures.
Microsoft has been particularly critical on Ormandy in the past for disclosing vulnerabilities in its software before its developers had time to develop a security update.
View full story