Superfish-style vulnerabilities in common security software could leave you open to cyberattack

**NewsCopy** · February 23rd, 2015, 06:06 am

After last week’s revelation that Lenovo placed Superfish’s adware and potentially harmful code on its computers, two other firms have been found adding similar man-in-the-middle code to their software, reports Ars Technica. Security researcher Filippo Valsorda found that anti-virus and online privacy apps from Lavasoft and Comodo caused machines to trust any self-signed certificate from HTTPS sites._The method can expose users to so-called man-in-the-middle attacks, potentially giving hackers access to critical information. The affected apps are Lavasoft’s privacy software Ad-aware Web Companion, which is intended to protect you from malware and prevent hijacking, and Comodo’s PrivDog, which promises to only…

This story continues at The Next Web

-->

Thread: Superfish-style vulnerabilities in common security software could leave you open to cyberattack

Thread Tools

Search Thread

Rate This Thread

Superfish-style vulnerabilities in common security software could leave you open to cyberattack

Thread Information

Users Browsing this Thread

Similar Threads

Microsoft Discusses The Security Risk Presented By Superfish In Lenovo’s PCs

US government urges Lenovo users to remove Superfish, but the software maker denies security ri

Google announces Project Zero to find security vulnerabilities in popular third-party software

Microsoft Fixed Over 29 Windows Security Vulnerabilities On Patch Tuesday

Larger-than-usual Patch Tuesday to address 57 security vulnerabilities

Posting Permissions