Bitdefender update patches Safepay error handling bug

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • BitDefenderโ€™s Safepay had a bug that malicious actors could have exploited in RCE attacks.
  • BitDefender issued an update that patches the browser vulnerability.
  • Feel free to visit the BitDefender page to learn more about downloading and securing your Windows 10 PC with the antivirus tool.
  • For tips and guides to optimizing your PC security, check out the Security & Privacy page.
BitDefender browser bug

The Bitdefender is one of the most popular antivirus solutions for resolving different types of cyber threats, including data theft, ransomware, and distributed denial of service (DDoS) attacks.

But itโ€™s got its own inherent security flaws as cybersecurity researcher Wladimir Palant revealed recently.

Notably, Bitdefenderโ€™s Safepay had a bug that malicious actors could have exploited in remote code execution (RCE) attacks.

Bitdefender fixes Safepay bug

Palant brought the Safepay issue to the attention of Bitdefender, which swiftly released an update with a security fix.

Safepay is a browser security component that should protect your online transactions, including banking and e-shopping. Its objective is to put your browser activity in a sealed environment, making the theft of your personal information difficult.

It is ironic, then, that the same antivirus component meant to protect your browser could have been breached by cybercriminals.

Bitdefender has since released an advisory on the Safepay bug it patched:

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.

The HTTPS error handling issue in Safepay

The CVE-2020-8102 flaw in Safepay has something to do with the way Bitdefender handles HTTP connections.

According to Palant, the antivirus tool handles HTTP error certificates instead of leaving that task to the browser. So, when the solution encounters a suspicious security certificate, it offers the user the option of exiting to safety or proceeding to open the web page in question.

But the URL in the browserโ€™s address bar remains the same, which appears to be the root cause of the RCE vulnerability.

For example, a hacker could load a malicious page in the Safepay by first presenting a valid certificate on initial request before changing to an invalid one from the same server. The vulnerable browser wonโ€™t stop the suspicious page behavior.

Thankfully, Palant’s is only a proof of concept (PoC), which is no evidence that some bad actors actually tried to exploit the RCE bug in Safepay.

As always, youโ€™re welcome to leave any suggestions or questions in the comments section below.

More about the topics: Bitdefender Fixes

User forum

0 messages