Lithuania Bans Kaspersky Lab Products on Critical Systems

It seems the U.S. government’s ban on Kaspersky Lab products is having echoes in other countries. The Lithuanian government also wants the company’s products removed from computers that control critical infrastructure.

At a meeting of the Lithuanian government Dec. 20, it was decided that Kaspersky Lab software was “a potential national security threat” and that managers of critical infrastructure in the energy, finance, transport and other sectors will be required to replace it “with safe equivalents.”

“We have to ensure cyber security of the state therefore it is a timely decision of the Government taken with regard to the assessment of threats and vulnerabilities,” Vice Minister of National Defence Edvinas Kerza said in a statement. “We have cooperated with other state institutions to find solutions and measures proportional to the estimated threat.”

Businesses and public sector organizations that are not forced to comply with the ban were advised to individually assess the risks that the antivirus software poses to their systems.

The Lithuanian National Cyber Security Centre will provide assistance and guidance to institutions affected by the order and will also have to report back to the government on the progress of the ban’s implementation.

Earlier this week Kaspersky Lab announced that it’s taking the U.S. government to court over a similar decision, claiming that the government’s action harmed its reputation and commercial operations without any evidence of wrongdoing.

“The company did not undertake this action lightly, but maintains that DHS failed to provide Kaspersky Lab with adequate due process and relied primarily on subjective, non-technical public sources like uncorroborated and often anonymously sourced media reports and rumors in issuing and finalizing the Directive,” Kaspersky Lab said in an open letter.

The U.S. Department of Homeland Security issued a binding directive in September, ordering all departments and agencies of the federal government’s executive branch to prepare for the removal of Kaspersky Lab products from their systems within 90 days. The DHS cited concerns about the ties between Kaspersky officials and Russian intelligence and other government agencies.

A ban on Kaspersky software was also included in the Fiscal Year 2018 National Defense Authorization Act (NDAA), a bill that President Trump signed into law last week.

Kaspersky believes that it is the victim of geopolitical tensions and has repeatedly denied having inappropriate ties with any governments or intelligence agencies.

VMware Patches Remote Code Execution Flaw in Several Products

VMware has released security updates for its ESXi, Workstation and Fusion products in order to fix two remote code execution vulnerabilities in their VNC implementation.

VNC (Virtual Network Computing) is used in VMware products for remote management, remote access and automation. The company’s shared VNC code base has two vulnerabilities, discovered by researchers from Cisco’s Talos team, that could be exploited through authenticated sessions.

One flaw is a stack overflow and the other is a heap overflow. Both can be triggered with a specific set of VNC packets and can be exploited during an authenticated VNC session to achieve remote code execution in a virtual machine, VMware said in a security advisory.

For the flaws to be exploitable in ESXi, VNC must be manually enabled in a virtual machine’s .vmx configuration file and ESXi must be configured to allow VNC traffic through the built-in firewall, the company said.

A separate local privilege escalation vulnerability was fixed in the vCenter Server Appliance (vCSA). The flaw was located in the showlog plugin and could allow a low privileged user of the appliance OS to gain root access.

A stored cross-site scripting (XSS) vulnerability was also fixed in the ESXi Host Client. The flaw could allow an attacker to inject rogue JavaScript code that would be executed when other users access the client.

Featured eBook
The State of Security RSA Special Report

The State of Security RSA Special Report

The big trends shaping cybersecurity today. Security teams face enormous challenges. Not only from attackers who are always looking for new ways to get to their applications and data, but also the constant evolution of the very technologies security professionals must defend. This complimentary download is offered by Security Boulevard. Download Now ... Read More
Security Boulevard

Lucian Constantin

Lucian has been covering computer security and the hacker culture for almost a decade, his work appearing in many technology publications including PCWorld, Computerworld, Network World, CIO, CSO, Forbes and The Inquirer. He has a bachelor's degree in political science, but has been passionate about computers and cybersecurity from an early age. Before he chose a career in journalism, Lucian worked as a system and network administrator. He enjoys attending security conferences and delving into interesting research papers. You can reach him at lucian@constantinsecurity.com or @lconstantin on Twitter. For encrypted email, his PGP key's fingerprint is: 7A66 4901 5CDA 844E 8C6D 04D5 2BB4 6332 FC52 6D42

lucian-constantin has 182 posts and counting.See all posts by lucian-constantin