The website operator too could view the code and identifier.
Thats a remarkably bad idea, Eikenberg explained.
In other words, any website can read the users Kaspersky ID and use it for tracking.
My inquiries revealed that the leak was introduced with Kasperskys 2016 editions, released in the Autumn of 2015.
And the UUID wasnt hidden.
Several million users must have been exposed overall.
However, the company downplayed the risk posed by the behavior of the tracking ID as a minor flaw.
We would love to thank Ronald Eikenberg for reporting this to us, Kaspersky said.
Those who are worried about the security risks can head to prefs of the Kaspersky Antivirus software.
source: www.techworm.net
