"The Synopsys Cybersecurity Research Center (CyRC) team has identified a local privilege escalation vulnerability in Kaspersky VPN Secure Connection for Microsoft Windows... In the Support Tools part of the application, a regular user can use Delete service data and reports to remove a privileged folder. Based on this capability, an attacker can leverage Arbitrary Folder Delete to SYSTEM EoP to gain SYSTEM privileges, Synopsys researchers say... To remediate, Synopsys is urging Kaspersky users to upgrade their software to version 21.7.7.393 or later..." https://www.securitymagazine.com/articles/98112-new-kaspersky-security-vulnerability-identified
Thanks for the heads-up, @hawki . I had the vulnerable version but I can't find any way to update the VPN so I signed into my'kaspersky.com and downloaded the installer, which gave me 21.7.7.393.
Yeah, it's OK. Pretty basic really but it is fast enough and doesn't leak. I'll probably renew again if I can find a decent price.
Well, I'm starting to get irked by Kaspersky VPN. Connecting to various US cities gives unexpected results. I used to connect to LA because that is about the closest and fastest to Sydney via undersea cables. Then when I visited history.com it would translate into (I think) Spanish. Since then I started connecting to San Jose because it looks close to LA on the map and solved the history.com problem. Today I connected to SJ but when I visited history.com I got transferred to some other site. YouTube showed I was connected to Luxembourg for some very strange reason. For now I have connected to Portland and all seems well again, but for how long I wonder?
