Tell HN: H&R Block tax software installs a TLS backdoor
H&R Block Business 2025 tax software installs a root CA certificate named 'WK ATX ServerHost 2024' (valid until 2049) into the Windows trusted root store, and critically, includes the private key for this certificate inside a DLL file. This effectively creates a TLS backdoor allowing anyone with the private key to perform man-in-the-middle attacks on machines with the software installed. The certificate persists after uninstalling the software. The author confirmed the attack is viable using mitmproxy and DNS spoofing. When contacted, H&R Block acknowledged awareness of the issue but has not fixed it. A test page is provided to check if your machine is affected, and users are advised to audit their trusted root CA stores.
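
One way to check a Windows machine for the certificate described above, as an added example that is not part of the original post. It assumes the name 'WK ATX ServerHost 2024' appears in the certificate's Subject or FriendlyName; the variable names are illustrative.

```powershell
# Added example: audit the Windows trusted root stores for the certificate named on this page.
# Assumption: the name appears in the certificate's Subject or FriendlyName.
$Name   = 'WK ATX ServerHost 2024'
$Stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$found = foreach ($store in $Stores) {
    Get-ChildItem -Path $store |
        Where-Object { $_.Subject -like "*$Name*" -or $_.FriendlyName -like "*$Name*" } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotBefore  = $_.NotBefore
                NotAfter   = $_.NotAfter
                # A root CA is self-signed, so Subject and Issuer match.
                SelfSigned = ($_.Subject -eq $_.Issuer)
                PSPath     = $_.PSPath
            }
        }
}

if (-not $found) {
    Write-Output "No root certificate matching '$Name' in: $($Stores -join ', ')"
} else {
    $found | Format-List Store, Subject, Thumbprint, NotBefore, NotAfter, SelfSigned
    # Removal is left commented out. Review the match first, then run from an
    # elevated prompt (required for the LocalMachine store). Drop -WhatIf to apply.
    # $found | ForEach-Object { Remove-Item -Path $_.PSPath -WhatIf }
}
```

Because the certificate persists after the software is uninstalled, run the check even on machines where the software has already been removed.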