Kaspersky fixed an error affecting 400 million users


Kaspersky fixed a certificate validation error in its software that affected 400 million users.

The flaw was discovered by Google's persistent bug hunter Tavis Ormandy. It lies in how the company's antivirus inspects encrypted traffic.

Because it decrypts traffic before inspecting it, Kaspersky presents its own certificates, acting as a trusted authority. If a user opens Google in their browser, for example, the certificate will appear to come from Kaspersky Anti-Virus Personal Root.

The problem that Ormandy found was that the internal certificates were incredibly weak.

“As new certificates and keys are created, they are entered using the first 32 bits of MD5(serialNumber || issuer) as a key… You do not need to be a cryptographer to understand that a 32-bit key is not enough to prevent brute-force attacks,” says the researcher.
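The following is an added example, not code from Kaspersky or from Ormandy's report: it shows how quickly a 32-bit cache key stops distinguishing certificates, next to a key built from a full digest. The byte encoding of serialNumber and issuer, the issuer name, the serial values, the function names and the SHA-256 alternative are all assumptions made for illustration.

```python
import hashlib

ISSUER = b"CN=Constructed Test CA"  # constructed sample issuer, not a real CA

def weak_key(serial: bytes, issuer: bytes) -> int:
    """Cache key as quoted: first 32 bits of MD5(serialNumber || issuer)."""
    return int.from_bytes(hashlib.md5(serial + issuer).digest()[:4], "big")

def strong_key(serial: bytes, issuer: bytes) -> bytes:
    """One possible hardened key (assumption): full SHA-256, length-prefixed fields."""
    h = hashlib.sha256()
    for field in (serial, issuer):
        h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()

def first_collision(issuer: bytes, key_fn, limit: int):
    """Return (serial_a, serial_b, certificates_seen) for the first two
    constructed serials that share a cache key, or None within `limit`."""
    seen = {}
    for n in range(limit):
        serial = n.to_bytes(8, "big")
        key = key_fn(serial, issuer)
        if key in seen:
            return seen[key], serial, n + 1
        seen[key] = serial
    return None

if __name__ == "__main__":
    a, b, seen = first_collision(ISSUER, weak_key, 1_000_000)
    print(f"32-bit key: serials {a.hex()} and {b.hex()} collide after {seen} certificates")
    print("SHA-256 key collision in 200000 certificates:",
          first_collision(ISSUER, strong_key, 200_000))
```

By the birthday bound, a 32-bit key is expected to produce its first collision after on the order of 2^16 entries, so a cache keyed this way cannot reliably tell two certificates apart.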

In his bug report, Ormandy gave a proof-of-concept certificate collision between Hacker News and manchesterct.gov:

“If you use Kaspersky Antivirus in Manchester, and you wonder why Hacker News does not work sometimes, it is because a critical vulnerability has disabled SSL certificate validation for Kaspersky's 400 million users.”

Kaspersky reportedly fixed the error on 28 December.

Kaspersky: SSL interception differentiates certificates with a 32bit hash

