Kaspersky Americas Support and Services


Security Vulnerabilities

Kaspersky 2009 includes a scan for insecure software, which the Full Scan reports as Vulnerabilities. One thing should be cleared up before we start: these Vulnerabilities are not viruses, malware or false positives.
 

What are they?

Vulnerabilities are legitimate programs with known security holes that put you at some risk. There are two possible reasons these are being detected:
  • Outdated software, such as Microsoft Office, Java, Flash Player, QuickTime.
  • Temporary files left over from installing or updating a program, or updating Windows.

What should I do with them?

Updating the vulnerable software will improve your security.

The Detected button at the bottom of the main Kaspersky window will list what files are detected as vulnerable, as well as a link to our VirusList.com website with more information about that vulnerability. To quickly get that info, please right-click on the detected item and choose Go to Description.

The VirusList.com Vulnerability Advisory page provides technical info which may be of interest to advanced users, but all you need is the link in the Solution section. Some Advisories may list multiple links. If you are not sure which one you need, please contact your program's provider.
 

How should I install these updated programs that will resolve my vulnerability?

With most programs, you can just install the new version on top of the existing application. An exception to this rule is Java, which you should remove through the Control Panel prior to installing the new version (it may appear more than once in the list).
 

I've installed new versions of the vulnerable programs, but they still appear?

The list of detected vulnerabilities will remain until the next time you do a Full Scan. When you start the Full Scan, it will prompt you to clear the list of Vulnerabilities. Please choose Yes to clear it.

Some programs, such as Java, do not remove their old versions when installing the new versions. If you know you are up to date and still have some entries, you can either ignore them or exclude them from being scanned. To exclude a vulnerability, right-click on the detected line and choose Add to Exclusions, then click OK.
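
To confirm whether old versions really are still installed before excluding anything, you can list programs that are registered more than once. The PowerShell script below is an added example, not part of Kaspersky's product or original article; it assumes programs register under the standard Windows Uninstall registry keys, and the function names Get-InstalledProgram and Get-ProductFamily are hypothetical helpers defined here.

```powershell
# Added example: find products installed side by side in several versions
# (for instance old Java updates left behind by a newer installer).
# Assumption: programs register under the standard Uninstall registry keys.

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-InstalledProgram {
    # Returns one object per registered program that has a display name.
    foreach ($key in $uninstallKeys) {
        Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName } |
            Select-Object DisplayName, DisplayVersion, Publisher
    }
}

function Get-ProductFamily {
    param([string]$DisplayName)
    # Drop version-like tokens so that "Java(TM) 6 Update 7" and
    # "Java(TM) 6 Update 11" fall into the same family, "Java(TM)".
    $name = $DisplayName -replace '\b(Update|Version|v)?\s*\d+(\.\d+)*\b', ''
    ($name -replace '\s+', ' ').Trim()
}

# Group entries by family and keep only families with more than one entry.
Get-InstalledProgram |
    Sort-Object DisplayName, DisplayVersion -Unique |
    Group-Object { Get-ProductFamily $_.DisplayName } |
    Where-Object { $_.Count -gt 1 } |
    ForEach-Object {
        '{0} ({1} entries)' -f $_.Name, $_.Count
        foreach ($entry in $_.Group) {
            '    {0}  [{1}]' -f $entry.DisplayName, $entry.DisplayVersion
        }
    }
```

The output is a review list, not a verdict: some products are legitimately installed in several versions, so check each family before removing an older entry through the Control Panel.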

Updating will usually not clear vulnerable files in temporary folders.
 

I have Windows XP and Windows Automatic Updates are on. How can I get updates for Microsoft Office?

Windows XP's original update process was separate from the Microsoft Office update process. To get the improved updating system called Microsoft Update, please visit the link below using Internet Explorer: http://update.microsoft.com

If you see "New! Get Microsoft Update today!" on that page, please click on the Go button next to that. That will install an update system that will patch Windows, Office and other Microsoft programs. This will also upgrade your Windows Automatic Updates service to download Office patches automatically in the future. You may need to restart the computer and revisit Microsoft Update again to get all updates.
 

Can I skip the Vulnerability part of the Full Scan?

You can disable this feature if you wish, but it is not recommended.
  • In the main Kaspersky window, click on Settings.
  • Click on Full Scan on the left.
  • Click on Settings on the right.
  • Click on the Additional tab.
  • Uncheck the option for Signature scan of vulnerabilities.
  • Click OK twice to save the settings.

To do a scan just for Vulnerabilities, see the step below.
 

How can I scan for Vulnerabilities without doing a Full Scan?

The Kaspersky Security Analyzer can do a Full Security Diagnostic which will only scan for Vulnerabilities.
  • In the main Kaspersky window, click on System Security on the left.
  • Click on Security Analyzer on the right (it looks like a shield).
  • Click on Full Diagnostics.
  • When the Diagnostics completes, it will show a list of Vulnerable Applications if any are detected. Click on the link in the Solution column to go to the VirusList.com Vulnerability Advisory page.
  • Click System Analysis to continue.
  • Recommended Actions will already be checked; you do not need to add anything from Additional Actions. Click Correct.
  • Click Finish.

 

The Criticality column says these are Dangerous or Very Dangerous, is that the case?

Just as it is important to keep Kaspersky and Windows up to date, it is also important to keep the other programs on your computer up to date. The classification is based on how much potential risk you have using the vulnerable program, or how much damage a hacker could do if they could exploit the flaw. We understand this classification system can be confusing and are looking at changing it in future versions.
 

What is the Quarantine option for?

The Quarantine line lets you put a file into Quarantine that you believe is infected but that Kaspersky isn't detecting. This is why it opens a Browse window for you to locate a file. Vulnerabilities are not viruses, and Quarantining them can impair the operation of your computer. Most users will not need to manually Quarantine a file.
 

For more info about Vulnerabilities:

Please visit our website at these two links:
 

You can also get further help for your vulnerabilities on our Forum: