Ilya Rabinovich has reported a vulnerability in Kaspersky Anti-Virus, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to a design error in the "klif.sys" driver where the pages insecurely has the supervisor bit disabled. This can be exploited to execute arbitrary code inside the driver.
The vulnerability has been reported in versions 5.0.227, 5.0.228, and 5.0.335 on a system running Microsoft Windows 2000.
Solution:
The vulnerability has been fixed in the following versions.
http://www.kaspersky.com/productupdates* Kaspersky Anti-Virus Personal 5.0.372
* Kaspersky Anti-Virus Personal Pro 5.0.372
* Kaspersky Personal Security Suite 1.0.53
* Kaspersky Anti-Virus for Windows Workstations 5.0.205
* Kaspersky Anti-Virus for Windows File Servers 5.0.52
Kaspersky Anti-Virus running on Microsoft Windows XP is reportedly not affected.