Kaspersky is not updating

by  |  19-Jul-2016 19:15

kaspersky is not updating-35kaspersky is not updating-19kaspersky is not updating-49

Ormandy's bug report gave, by way of demonstration, a collision between Hacker News and manchesterct.gov: "If you use Kaspersky Antivirus in Manchester, Connecticut and were wondering why Hacker News didn't work sometimes, it's because of a critical vulnerability that has effectively disabled SSL certificate validation for all 400 million Kaspersky users." Kaspersky fixed the issue on December 28.

® Update: Kaspersky has provided the following statement detailing its fixes.

You can update the Kaspersky antivirus signature database offline without using a direct Internet connection.

This is required in some security installations and for sites that access the Internet through a proxy server.

You don't have to be a cryptographer to understand a 32bit key is not enough to prevent brute-forcing a collision in seconds.

Community Discussion