Kaspersky Lab has closed a vulnerability in Kaspersky Embedded Systems Security discovered by the company Embedi.

The driver vulnerability, when exploited, allowed execute permissions to be raised to the maximum level for files launched under user accounts that did not have these permissions.

To close the vulnerability, install the critical update Core 2 (KB13865).

We would like to thank Embedi for notifying us of this vulnerability.

Critical fix Core 2 (KB13865) contains the following fixes and improvements:

• USB Monitoring The format of events registered by Kaspersky Security Center when an external device is connected to a protected computer via USB has been fixed. Once the fix has been applied, the application includes complete data about the connected device in the event it dispatches to the Administration Server.
• Performance Causes of the excess consumption of processor resources by Network Agent when installing the application in the no-av-bases configuration have been fixed.
• Application Launch Control Error processing the launch of files with a digital .cat signature by the Application Launch Control component has been fixed. Kaspersky Embedded Systems Security applies the allowing and denying certificate rules correctly for files with a .cat signature once Core2 (KB13865) has been applied.

Limited liability 

Due to technical reasons a private fix cannot be exposed to the full cycle of tests that ensure software quality. AO Kaspersky Lab explicitly disclaims any guarantees regarding both features and quality of a private fix. If not explicitly stated otherwise, private fixes are subject to the End-User License Agreement (EULA) under which the respective Kaspersky Lab product is licensed, in particular the following exclusion and limitation of liability notice. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL KASPERSKY LAB (THE RIGHTHOLDER) OR ITS PARTNERS BE LIABLE FOR ANY LOSSES AND/OR DAMAGES (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS OR INFORMATION, FOR BUSINESS INTERRUPTION, OR OTHER PROPERTY DAMAGE) ARISING OUT OF OR IN ANY WAY RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, EVEN IF THE RIGHTHOLDER AND/OR ANY PARTNER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. BY DOWNLOADING AND INSTALLING THIS SOFTWARE THE USER CONFIRMS THAT HE/SHE HAS READ THESE NOTICES, THE RELEVANT EULA, AND IS AWARE OF THE POSSIBLE RISKS.

If the private fix did not help, contact technical support.