BullGuard patches online backup client
Bullguard has released a patch for the security hole in its backup software that was discovered recently by heise Security. Because the client did not check the server's certificate, attackers could break into the connection as a man in the middle and sniff encrypted administration information on the wire.
Theis Søndergaard, CTO of BullGuard, told heise Security that the update is being distributed by the client's automatic update function. Update release has been scheduled for 26-28 May.
See also:
- Automatic patch released for vulnerability in BullGuard Backup, announcement by BullGuard
(mba)