But it’s got its own inherent security flaws as cybersecurity researcher Wladimir Palant revealed recently. Notably, Bitdefender’s Safepay had a bug that malicious actors could have exploited in remote code execution (RCE) attacks.
Bitdefender fixes Safepay bug
Palant brought the Safepay issue to the attention of Bitdefender, which swiftly released an update with a security fix. Safepay is a browser security component that should protect your online transactions, including banking and e-shopping. Its objective is to put your browser activity in a sealed environment, making the theft of your personal information difficult. It is ironic, then, that the same antivirus component meant to protect your browser could have been breached by cybercriminals. Bitdefender has since released an advisory on the Safepay bug it patched:
The HTTPS error handling issue in Safepay
The CVE-2020-8102 flaw in Safepay has something to do with the way Bitdefender handles HTTP connections. According to Palant, the antivirus tool handles HTTP error certificates instead of leaving that task to the browser. So, when the solution encounters a suspicious security certificate, it offers the user the option of exiting to safety or proceeding to open the web page in question. But the URL in the browser’s address bar remains the same, which appears to be the root cause of the RCE vulnerability. For example, a hacker could load a malicious page in the Safepay by first presenting a valid certificate on initial request before changing to an invalid one from the same server. The vulnerable browser won’t stop the suspicious page behavior. Thankfully, Palant’s is only a proof of concept (PoC), which is no evidence that some bad actors actually tried to exploit the RCE bug in Safepay. As always, you’re welcome to leave any suggestions or questions in the comments section below.
SPONSORED
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
