Data leak: Kaspersky users were clearly identifiable

Posted on by

Anyone who used Kaspersky, is on the Internet, as a user of anti-virus Software to identify. Is there a way to re-start surfing anonymously.

Kaspersky provides web pages where the company-surfing customer, with an ID that you can associate with the anti-virus Software. Thus, cyber criminals Kaspersky could be used to identify users uniquely. Conceivable attacks, aimed specifically at Kaspersky user or a security vulnerability in this Software. How can the function but disable.

A Search of heise editor Ronald Eikenberg has promoted a harmful side-effect of a feature of the Kaspersky Software emerge: a few months Ago, and noticed in the HTML source Code that contains a UUID (Universally Unique Identifier). UUID refers to a combination of characters that makes something clearly identifiable. The Kaspersky script that is responsible, ensures, among other things, that behind Google search results, which classifies the anti-virus Software is safe, a green sign is displayed.

The problem is that Kaspersky loads the UUID directly in the HTML Code of the website. Because other scripts (running on the same Domain) to access the HTML Code, and collect information. Even at the beginning of this year, the Kaspersky Software assigned to each Computer automatically a custom UUID. This helped to understand which web pages a particular computer was, even in incognito mode.

On the behavior of the Software pointed out, Kaspersky with the “Patch F” since July, that no longer a unique ID is appended to the single computer identified makes.

However, Kaspersky could. apparently not all of the tracks, which indicate the Antivirus Software So Ronald Eikenberg noticed in the HTML Code after the Patch, an ID, the users joined to now all Kaspersky: FD126C42-EBFA-4E12-B309-BB3FDD723AC1. So it is through an analysis of the HTML source text no longer possible, as the web pages viewed each of the computers assigned to. However, it is clear, furthermore, which website visitors put on Kaspersky as security Software.

Kaspersky ID hide

If Kaspersky binds the script with another security update, and it remains to be seen. In the main menu of the Software, users can no longer set the ID ends up in the HTML source text. To do this, navigate from the main menu on the bottom right bar “settings” “General settings” and “network settings”. According to Kaspersky, the user sets in the Block “processing of traffic”, whether the script is delivered. As soon as this Option is disabled, it no longer binds Kaspersky the script in the HTML source code. Thus, the ID falls away – but, of course, the actual function of the script.

SHARE ON
TwitterFacebookWhatsAppBufferLinkedInPin It

See also:

  1. Thunderspy: Intel responds to Thunderbolt vulnerability
  2. Vulnerability in Windows: System update urgently
  3. VLC Player Update: confusion about critical vulnerability
  4. Microsoft warns that attackers use the vulnerability in Internet Explorer
  5. Avira Antivirus update now: BSI warns of critical vulnerability
  6. WhatsApp vulnerability: Potential danger from video calls
  7. Windows 10: This issues users have after the patch day
  8. NetSpectre: CPU vulnerability enables remote data theft
  9. Antivirus software 2019: Security suites from ESET, G Data and McAfee available
  10. Password Checkup: Chrome extension warns of dangers of data leaks