Kaspersky Makes Changes After Products Raise Privacy Concerns

Kaspersky has made some changes to the way its products check web pages for malicious activity after a researcher discovered an issue that could have been exploited to track users online.


Ronald Eikenberg of Germany’s c't magazine discovered that Kaspersky security software checked webpages by injecting a script that loaded JavaScript code from the cybersecurity firm’s servers. The main problem with this script was that the URL from which the code was loaded contained an identifier that was unique and permanently assigned to each device.


The script, along with its URL, was injected into the source code of every website the user visited, so the unique ID could have been easily read by each website, regardless of the browser used and whether it was in incognito mode.
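The following is an added example, not code from the article or from Kaspersky. It is an audit check that compares the HTML a site serves with the HTML a browser receives on a protected machine, and reports any UUID that locally injected scripts expose on more than one site. The host `av-injector.example`, the UUIDs and the sample pages are constructed placeholders.

```javascript
// Constructed sample data: host, UUIDs and pages are placeholders.
const DEVICE_ID = "11111111-2222-4333-8444-555555555555";
const injected = `<script src="https://av-injector.example/${DEVICE_ID}/main.js"></script>`;
const samplePages = [
  { site: "news.example",
    served: `<head><script src="/app.js"></script></head>`,
    rendered: `<head>${injected}<script src="/app.js"></script></head>` },
  { site: "shop.example",
    // This site's own per-request build token changes between fetches.
    served: `<head><script src="/b.js?v=aaaaaaaa-0000-4000-8000-000000000001"></script></head>`,
    rendered: `<head>${injected}<script src="/b.js?v=aaaaaaaa-0000-4000-8000-000000000002"></script></head>` },
];

const UUID_RE = /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/gi;
const SCRIPT_SRC_RE = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;

// Collect the src URL of every external <script> in an HTML string.
function scriptSources(html) {
  return new Set([...html.matchAll(SCRIPT_SRC_RE)].map((m) => m[1]));
}

// pages: [{ site, served, rendered }], where "served" is the HTML fetched
// without the security product and "rendered" is the HTML the browser
// received on the protected machine.
function findStableInjectedIds(pages) {
  const seen = new Map(); // uuid -> { hosts: Set, sites: Set }
  for (const { site, served, rendered } of pages) {
    const original = scriptSources(served);
    for (const src of scriptSources(rendered)) {
      if (original.has(src)) continue; // script belongs to the site itself
      const host = new URL(src, `https://${site}/`).host;
      for (const id of src.match(UUID_RE) || []) {
        const key = id.toLowerCase();
        const entry = seen.get(key) || { hosts: new Set(), sites: new Set() };
        entry.hosts.add(host);
        entry.sites.add(site);
        seen.set(key, entry);
      }
    }
  }
  // A UUID injected on two or more unrelated sites is a cross-site identifier.
  return [...seen]
    .filter(([, e]) => e.sites.size > 1)
    .map(([id, e]) => ({ id, hosts: [...e.hosts], sites: [...e.sites] }));
}

console.log(findStableInjectedIds(samplePages));
```

The per-request token on `shop.example` is not reported because it appears on a single site only; the constructed device ID is reported because the same value shows up in injected script URLs on both sites.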


Eikenberg set up a test website that demonstrated how a malicious site could track a device based on Kaspersky’s unique identifier.


“Any website can read the user's Kaspersky ID and use it for tracking,” Eikenberg explained. “If the same Universally Unique Identifier comes back, or appears on another website of the same operator, they can see that the same computer is being used. If this assumption is correct, Kaspersky has created a dangerous tracking mechanism that makes tracking cookies look old. In that case, websites can track Kaspersky users, even if they switch to a different browser.”


The vulnerability, tracked as CVE-2019-8286, has been found to affect Kaspersky Anti-Virus up to 2019, Internet Security up to 2019, Total Security up to 2019, Free Anti-Virus up to 2019, and Small Office Security up to version 6. Patch F, which addresse ..
