Solutions

Advisory issued on 23rd October, 2020

Administrator Oct-23rd, 2020 5:38 0 0

Description

Multiple K7 Security Products incorrectly handled invalidating certain crafted untrusted TLS certificates.

List of affected products

K7TotalSecurity, K7UltimateSecurity & K7 Endpoint Security Products

Fixed Versions

K7 Computing recommends that all customers update their products to the corresponding minimum versions shown below:

K7UltimateSecurity (16.0.0650),K7TotalSecurity (16.0.0653),K7TotalSecurity-Endpoint (16.1.0621),K7 Endpoint Security (14.2.0655),K7 Enterprise Security (14.2.0708) and K7Business Security (14.2.0368).

Acknowledgments

We would like to express our gratitude to AV-Comparatives for reporting this bug to us along with comprehensive contextual POC details.

Vote

Was this article helpful?
0 out of 0 found this helpful