This announcement was made by security researcher Alex Wheeler. Other third-party products can be affected by this vulnerability.
Multiple products from Kaspersky (on multiple platforms) are affected by this flaw because all use a common library.
The French Security Incident Response Team warned that a remote attacker could exploit the heap overflow flaw by sending a malformed CAB file to the vulnerable system. The file can be mailed, and if it’s accepted the system is compromised. There is no need for user interaction.
This “critical” issue will be investigated, as the Russian company stated on Monday.
Lately, hackers developed a habit from exploiting any flaws or bugs in the security software. This new trend is probably adopted because Microsoft eliminates continuously errors from its Windows.