
After Poodle comes FREAK. KIS makes PC users vulnerable not only to Poodle (this was fixed in 15.0.2.361, which seems to have been pulled back due to several critical bugs), but also to the new FREAK attack, if "Surveillance of encrypted Network Traffic" is enabled (sorry, I don't know the right English name; the German label is "Sichere Verbindungen untersuchen", literally "inspect secure connections").

You can easily test this yourself. Use a browser that is not itself vulnerable to FREAK (current Firefox, for example) and run the test at "https://freakattack.com/clienttest.html". You should not be vulnerable. Now enable the function to inspect encrypted traffic (don't forget to import the KL root certificate) and reload the test page; voilà, vulnerable to FREAK :( Security software that makes the PC less secure!

Hopefully Kaspersky will clean these Poodle and FREAK problems out of their network stack soon!

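The test described above works because, with interception enabled, the TLS client the remote server actually talks to is the product's own stack, not the browser. One way to see what that stack offers is to capture its outbound ClientHello and read the cipher-suite list. The script below is an added example for this thread, not code from the original post or from Kaspersky: it builds minimal ClientHello records from constructed cipher-suite lists, parses them back, and flags the RSA export suites (RFC 2246 values 0x0003, 0x0006, 0x0008) that a FREAK downgrade to a 512-bit RSA key relies on. The two sample hellos are constructed for illustration, not captures of any real browser or product. One caveat: offering no export suite does not by itself prove immunity. The OpenSSL client bug behind FREAK (CVE-2015-0204) was that the client accepted an export-grade RSA ServerKeyExchange even when it had not offered an export suite, which is why the freakattack.com client test completes a handshake against a server presenting such a key rather than only reading the hello.

```python
"""Audit the cipher suites a TLS client offers in its ClientHello.

Added example for this thread; it is not Kaspersky's code and does not
talk to the network. Feed it a raw TLS record (e.g. exported from a
packet capture) to see what an intercepting TLS stack offers upstream.
"""
import struct

# RSA export-grade key exchange suites (RFC 2246, appendix A.5). These are
# the suites a FREAK-style downgrade to a 512-bit RSA key relies on.
EXPORT_RSA_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

HANDSHAKE = 0x16      # TLS record content type
CLIENT_HELLO = 0x01   # handshake message type


def build_client_hello(suites, version=(3, 1)):
    """Build a minimal TLS record carrying a ClientHello that offers `suites`.

    Enough for a cipher-suite audit: no extensions, an empty session id and a
    fixed all-zero 32-byte random (a real client uses fresh random bytes).
    """
    body = bytes(version) + bytes(32) + b"\x00"      # version, random, sid len
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                              # one compression method: null
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return (bytes([HANDSHAKE]) + bytes(version)
            + struct.pack("!H", len(handshake)) + handshake)


def parse_client_hello(record):
    """Return the cipher suite ids offered in a ClientHello record, in order."""
    if len(record) < 5 or record[0] != HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                     # client_version + random
    if len(body) < pos + 1:
        raise ValueError("truncated ClientHello")
    pos += 1 + body[pos]                             # skip session_id
    if len(body) < pos + 2:
        raise ValueError("truncated ClientHello")
    (suites_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    if suites_len % 2 or pos + suites_len > len(body):
        raise ValueError("malformed cipher_suites vector")
    return [struct.unpack("!H", body[i:i + 2])[0]
            for i in range(pos, pos + suites_len, 2)]


def export_rsa_offered(record):
    """Names of RSA export suites offered in the hello ([] means none offered)."""
    return [EXPORT_RSA_SUITES[s] for s in parse_client_hello(record)
            if s in EXPORT_RSA_SUITES]


# Constructed sample hellos (not captures of any real browser or product).
BROWSER_HELLO = build_client_hello(
    [0xC02B, 0xC02F, 0xC00A, 0xC014, 0x009C, 0x002F, 0x0035, 0x000A])
LEGACY_HELLO = build_client_hello(
    [0x0035, 0x002F, 0x000A, 0x0003, 0x0008, 0x0005])

if __name__ == "__main__":
    for name, hello in (("modern-browser-style", BROWSER_HELLO),
                        ("legacy-stack-style", LEGACY_HELLO)):
        found = export_rsa_offered(hello)
        print(f"{name}: {len(parse_client_hello(hello))} suites, "
              f"RSA export offered: {found or 'none'}")
```

To audit an interception proxy, capture the ClientHello leaving the machine (the proxy's own hello, which is what the remote server sees, not the browser's hello to the proxy) and pass the raw record bytes to export_rsa_offered(). A non-empty result means the intercepting stack still advertises export-grade RSA regardless of what the browser behind it does.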
... Security software that makes the PC less secure! ...

This shouldn't be a surprise. It has been the case for Reverse Heartbleed, Poodle, now FREAK and any future critical bug in the OpenSSL library (libeay32.dll), which is used for the KIS feature "Always scan encrypted connections".

As long as this "man-in-the-middle feature" is disabled, we are safe. So the risk can be estimated.

It has been the case for Reverse Heartbleed, Poodle, now Freak and any future critical bug in the OpenSSL library (libeay32.dll), which is used for the KIS feature "Always scan encrypted connections".

 

Hi Kurt,

Thanks for telling me that KIS uses OpenSSL; I didn't know that so far. Hopefully KL will switch to one of the more secure forks of OpenSSL soon ;)

And yes, sadly it's not a surprise at all :(

Sadly, the MitM feature is necessary to scan e-mail traffic for malware, as long as there is no anti-spam/anti-virus plug-in for Thunderbird :(

 

Greets from Austria ;)

Edited by Claus Berghammer


We have lengthy topics in the German and Italian sections of this forum for this and similar items.

 

Please see: http://support.kaspersky.com/11185#block0

Patch B is installed automatically with database updates for Kaspersky Internet Security version 15.0.2.361 and fixes the following:

 

...

Issue related to the FREAK vulnerability in the OpenSSL library.

...

 

 

If you are concerned with this item, you can uncheck Scan encrypted connections, located in Kaspersky settings > Additional > Network.

 

More information can be had by contacting Tech Support.


 

I don't see it on my system, before or after following the steps described by Claus.

The system is Windows 8.1 64-bit Professional with the latest patches, Internet Explorer 11.09.9600.17842, Firefox 38.0.05, and KIS version 15.0.2.361 (B ).

Both browsers pass the test at the site referenced by Claus...

edit: "(B )" instead of cool.gif.

Edited by richbuff


I forgot to add that the recommended security configuration of Windows 8.1 and KIS aren't the only security protections on my system. It also has Microsoft EMET 5.2 and Malwarebytes Anti-Exploit Premium running. I suspect that Malwarebytes may have something to do with stopping the FREAK test.

