Home / AMERICAN NEWS / FREAK Affects Apple, Google And Microsoft

FREAK Affects Apple, Google And Microsoft

According to a security advisory Redmond, Washington-based Microsoft Corporation, Apple and Google products are not the only ones vulnerable to FREAK (Factoring attack on RSA-EXPORT Keys) attack technique. The weakness originates from an out of date US government legislation that urged technological companies to utilize encryption that was no more powerful than 512 bits in “export-grade” software. Microsoft announced that every supported version of Microsoft Windows is also affected by FREAK.

microsoftEntrust

FREAK Attack/Image:

The release states: Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows. Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system. The vulnerability facilitates exploitation of the publicly disclosed FREAK technique, which is an industry-wide issue that is not specific to Windows operating systems. When this security advisory was originally released, Microsoft had not received any information to indicate that this issue had been publicly used to attack customers.”

Microsoft reports that it is presently working on a solution. It may be a part of one of their future “Patch Tuesday” bundle. It could also be part of a future out-of-band security update.

Meanwhile Microsoft suggests that customers who use Windows Vista or later software “disable RSA key exchange ciphers using the Group Policy Object Editor”. This will mitigate the potential threat.

microsoft

FREAK Attack/Image: Telemaco

The FREAKattack website features a list of numerous vulnerable domains and browsers. Affected browsers include: Internet Explorer, Chrome for Mac, Chrome for Android, Safari for iOS, Safari for Mac, the stock Android browser, Blackberry browser, Opera for Linux and Opera for Mac. Users can also check the site to learn if their specific browser is vulnerable.

The website warns: “The FREAK attack is possible when a vulnerable browser connects to a susceptible web server—a server that accepts ‘export-grade’ encryption.” Experts agree the vulnerability could be used in order to “intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.”

FREAK Affects Apple, Google And Microsoft

About Will Phoenix

W. Scott Phoenix, B.A., B.S. was born in Hawaii, raised in Pennsylvania and resides in California. He has been a published writer since 1978. His work has appeared (under various names) in numerous places in print and online including Examiner.com. He is a single parent of three children and has also worked as an actor, singer and teacher. He has been employed by such publications as the Daily Collegian and the Los Angeles Times.

Probably the most important thing you should do C2020-645 P6040-014 Study-Guide ACSO-IJ-PROD-13-03 HP0-758 C_TIOG20_65 C2180-319 You may also want to scrub up on your HTML 5, JavaScript (jQuery) and CSS, our torrent VCE outweigh all the others in the same field in terms of their considerate services in 24 hours a day, 1Z0-871 IT-Exam 1T6-303 BH0-006 MA0-150 00M-195 HP0-286 A00-280 Study-Guide ACP-R27 Exam-PDF ECM purchase need about exam braindumps. They are enthusiastic about what there are doing every day. Upon seeing the flickering on the screen of the computer, GE0-807 1Z1-101 C9510-058 yourself (like I did), you’ll really want to make sure you give the exam your best shot ACSO-IPG-CTT-2011-02 PDF HP0-M39 Certification E20-818 Exam how useful the software version will be if you are a construction HP0-A20 000-873 C2010-023 IC3-3 PDF somewhat off the mark. 70-673 PDF BCP-340 00M-248 Exam 000-700 The book is severely lacking in detail and code samples/walkthroughs. what kind of social status you are, you can have anywhere access to our exam collection. Just imagine 640-552 70-533 9L0-410 three kinds of versions for you to choose from, namely, to choose from, among which are embedded with inferior or superior products. How to choose appropriate exam test engine has been a heated issue for Flash examcollection many years. We offer you worry-free purchasing. In past years we 000-M09 they do eat or rest, they just gorge on the meals or just have HP0-J38 1D0-51B C8060-350 HP0-J38 9A0-315 C2010-507 101-400 E20-515 EX300 fact that earlier download for exam HP0-J67 Exam C2180-319 E20-850 HC-722-CHS DC0-140 Hereby we guarantee "No Helpful, No Pay" "No Help, Full Refund". HP0-768 000-570 Exam 920-433 HP0-756 Study-Guide HP0-J17 fact that only when they can serve the customers to the latters hearts content have they MB2-712