Tls 1.1, 1.2 Problems In Bdis 2014
I noticed some strange behaviour in BitDefender Internet Security 2014 (and maybe in AV also), regarding the ‘Scan SSL’ option in privacy settings. When this option is enabled TLS 1.1 and 1.2 are no longer used by Chrome and IE 11, and probably FireFox that I didn’t test.
To reproduce the error, enable ‘Scan SSL’ in privacy settings and visit https://www.howsmyssl.com you’ll see the (BEAST exploit) compromised TLS 1.0 is used, though both Chrome and IE 11 should be using TLS 1.2. Visiting the link will tell you your TLS 1.0 is Bad.
Now when the ‘Scan SSL’ setting is disabled and visiting above link you’ll see you are connected whit TLS 1.2 and all security options say you’re good to go.
This info has been send to support too, just wanted you guys to know.
Kind regards, Z.
Comments
-
+1
There is a post regarding this problem:
http://forum.bitdefender.com/index.php?s=&...st&p=228105
Activating 'Scan SSL' breaks TLS configuration of browser, unsecure SSLv3 is allowed:0