Kaspersky fixing serious certificate slip

Updated Kaspersky is moving to fix a bug that disabled certificate validation for 400 million users.

Discovered by Google's dogged bug-sleuth Tavis Ormandy, the flaw stems from how the company's antivirus inspects encrypted traffic.

Since it has to decrypt traffic before inspection, Kaspersky presents its certificates as a trusted authority. If a user opens Google in their browser, for example, the certificate will appear to come from Kaspersky Anti-Virus Personal Root.

The problem Ormandy identified is that those internal certificates are laughably weak. "As new leaf certificates and keys are generated, they're inserted using the first 32 bits of MD5(serialNumber||issuer) as the key ... You don't have to be a cryptographer to understand a 32bit key is not enough to prevent brute-forcing a collision in seconds. In fact, producing a collision with any other certificate is trivial," he writes here.

Ormandy's bug report gave, by way of demonstration, a collision between Hacker News and manchesterct.gov: "If you use Kaspersky Antivirus in Manchester, Connecticut and were wondering why Hacker News didn't work sometimes, it's because of a critical vulnerability that has effectively disabled SSL certificate validation for all 400 million Kaspersky users."

Kaspersky fixed the issue on December 28. ®

Update: Kaspersky has provided the following statement detailing its fixes.

Kaspersky Lab would like to assure its customers that all the vulnerabilities linked to the processing of SSL certificates recently disclosed by Google Project Zero researcher Tavis Ormandy have been successfully fixed<https://support.kaspersky.com/vulnerability.aspx?el=12430>. Our specialists have no evidence that these or any of the previously disclosed vulnerabilities have been exploited in the wild.

Products fixed include: