The same removal instructions should be applied to all certificates installed by products that use the Komodia SDK, but identifying them is not easy and it's unlikely that all affected products have been found. Users shouldn't remove any of the legitimate certificates that are in the Windows or Firefox certificate stores, because that could generate certificate errors on legitimate websites.
It's not clear if any way will be found to fix this issue for all affected users that lets them avoid manually removing certificates. As Matthew Green, a cryptography professor at Johns Hopkins University, explains in a blog post, browser vendors can't simply blacklist the certificates in their respective browsers because the affected software would continue to re-sign legitimate certificates and this would generate certificate errors that would prevent users from connecting to websites.
Microsoft is also unlikely to push an update that removes legitimate programs from computers that were willingly installed by users, such as parental control applications, because that would set a dangerous precedent.
Sign up for CIO Asia eNewsletters.