Security firm Kaspersky has acknowledged a flaw in its antivirus engine and said that it will released a patch today.
The vulnerability could allow a hacker to take control of the software by sending a specially crafted CAB file which crashes the antivirus application.
This attack could be executed without any need for user intervention, and the flaw has been rated 'critical' by vulnerability testers.
"Kaspersky confirms the presence of a vulnerability in a Kaspersky Anti-Virus module used to process CAB files," said the company in a statement.
"The actual threat posed by the vulnerability is minimal. Updates eliminating the vulnerability will be released on 5 October 2005 and will be available for installation using standard updating procedures."
The security firm said that it altered the CAB files used in its antivirus software on 29 September to reduce the threat.
Affected products are Kaspersky Anti-Virus Personal, Pro 5.0, Anti-Virus 5.0 for Windows Workstations and Windows File Servers, and Personal Security Suite 1.1.
Kaspersky thanked security researcher Alex Wheeler, who contacted the company about the flaw on 24 September, for not publishing exploit code.
Scientists believe there could be other hydrides or superhydrides with super conducting properties
Resetting the telemetry circuits and associated boards brought the instrument back to operations mode
Fortnite news and updates: Flaw in Fortnite authentication could have helped attackers steal player login credentials
Attackers could have used Fortnite security flaw to buy in-game currency on players' stored credit cards
New photos show cotton seeds sprouting in sealed container - with other plants expected to sprout within days