PrivDog Releases Update After Being Compared to Superfish

The developers of PrivDog released an update for the application on Monday after researchers discovered that it failed to validate SSL certificates.

PrivDog is designed to make surfing the Web safe and private by blocking processes that track users’ activities and by replacing ads with ones that have been vetted by AdTrustMedia. It’s not uncommon for advertising-related apps to put users at risk, but this shouldn’t be the case with PrivDog since the software is backed by Comodo, the renowned security firm and certificate authority. PrivDog is not only promoted by the company, but it’s also bundled with Comodo solutions.

The existence of the security issue came to light just days after the world learned that Lenovo had preloaded an insecure browser add-on from Superfish on new laptops. The Superfish app used a local proxy and a self-signed root certificate to intercept traffic and inject ads into webpages.

The problem, as highlighted by security experts, was that the program broke HTTPS browsing and exposed users to man-in-the-middle (MitM) attacks because all of the certificates had been signed with the same private key protected by the same weak password.

After a detailed analysis, researchers discovered that the vulnerability had been caused by libraries developed by Komodia. These libraries have been used in at least a dozen other applications and even malware.

PrivDog doesn’t use the libraries from Komodia, but a different third-party component that, according to experts, is just as problematic. Because it doesn’t validate SSL certificates, the application exposes users to HTTPS spoofing attacks.

“The MITM capabilities are provided by Although the root CA certificate is generated at install time, resulting in a different certificate for each installation, Privdog does not use the SSL certificate validation capabilities that the NetFilter SDK provides. This means that web browsers will not display any warnings when a spoofed or MITM-proxied HTTPS website is visited,” the CERT Coordination Center at Carnegie Mellon University explained in an advisory.

In an advisory published on Monday, PrivDog noted that the issue affects versions and, but it does not impact the plugin distributed with Comodo Browsers. The company highlighted that while the flaw caused browsers not to trigger warnings for self-signed certificates, it did not break encryption.

The updated version of PrivDog can be downloaded from the official website, but it is also distributed automatically, the company said.

According to PrivDog, the vulnerability impacts up to 57,568 users, roughly 6,000 of whom are located in the United States.

CloudFlare’s Filippo Valsorda has updated his Superfish testing tool to allow users to check if they are running vulnerable versions of PrivDog.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
