HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks.

The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections.

Like other endpoint security products, Kaspersky Anti-Virus installs a self-signed root CA certificate on computers and uses it to issue “leaf,” or interception, certificates for all HTTPS-enabled websites accessed by users. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers.

To read this article in full or to leave a comment, please click here

Read more: HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Story added 4. January 2017, content source with full text you can find at link above.