Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks. The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature. A 32-bit key is very weak and an attacker could easily craft a certificate that matches the same key, creating a collision. This allows the product to present the same certificate when the user visits the same website again instead of regenerating it. The company fixed the issue on Dec. 28.”]