Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Superfish SSL interception library found in several applications

Superfish SSL interception library found in several applications

2015/02/23

Securityweek - (International) Security researchers discovered that the Komodia Redirector and SSL Digestor, originally used by the Superfish software preinstalled on Lenovo laptops can be found in several products and at least 12 Facebook applications using the SSL interception library. The researchers stated that Komodia's proxy software does not properly implement SSL or validate certificates, enabling attackers to potentially hijack affected users' connections.

Source: http://www.securityweek.com/superfish-ssl-interception-library-found-several-applications-researchers

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:31