Security firm Kaspersky has acknowledged a flaw in its antivirus engine and said that it will released a patch today.
The vulnerability could allow a hacker to take control of the software by sending a specially crafted CAB file which crashes the antivirus application.
This attack could be executed without any need for user intervention, and the flaw has been rated 'critical' by vulnerability testers.
"Kaspersky confirms the presence of a vulnerability in a Kaspersky Anti-Virus module used to process CAB files," said the company in a statement.
"The actual threat posed by the vulnerability is minimal. Updates eliminating the vulnerability will be released on 5 October 2005 and will be available for installation using standard updating procedures."
The security firm said that it altered the CAB files used in its antivirus software on 29 September to reduce the threat.
Affected products are Kaspersky Anti-Virus Personal, Pro 5.0, Anti-Virus 5.0 for Windows Workstations and Windows File Servers, and Personal Security Suite 1.1.
Kaspersky thanked security researcher Alex Wheeler, who contacted the company about the flaw on 24 September, for not publishing exploit code.
Nvidia brings Turing microarchitecture into the high-end gaming segment
Did you make the shortlist for the UK's most respected IT event?
Latest Tesla news: Tesla share price continues to fall after Saudi Arabia's sovereign wealth fund is linked to investment in rival
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
RTX 280 Ti will come with 11GB of fast GDDR6 video RAM with a 352-bit memory bus offering 616Gbps