Computers using supported Microsoft Windows version are vulnerable to “FREAK,” a decade-old encryption error leaving users vulnerable to electronic communications interception while visiting any websites (including Whitehorse.gov, NSA.gov and FBI.gov). The error was previously estimated to be limited till Apple’s Safari and Google’s Android, but now it has gone beyond them affecting others too.
Lately Microsoft has also notified that encryption protocols used in Windows Secure Sockets Layer and its descendant Transport Layer Security have also become vulnerable to the error.
Microsoft said in its advisory that, their investigation has confirmed the vulnerability. This vulnerability could enable an attacker to force the downgrading of cipher suites used in an SSL/TLS connection on a Windows client system. The vulnerability facilitates exploitation of FREAK technique making it an industry-wide issue for global Windows users.
Microsoft also assured that it will address the flaw through its regularly scheduled Patch update or through an out-of-cycle patch. In the meantime, Microsoft recommended disabling the RSA export ciphers.
The FREAK (Factoring RSA Export Keys) flaw came to light when a group of researchers revealed that they could force websites to use purposely deteriorated encryption, which they were able to break within few hours. Once the encryption of a website was cracked, hackers could steal data such as passwords and hijack elements on the page.
Researchers also claimed that any evidence of hackers exploiting the vulnerability doesn’t exist till date. The researchers held a former US policy banning US companies from exporting the strongest encryption standards, responsible for this.
The restrictions were revoked in the late 1990s however; the delicate standards were already part of software used widely, including Windows and the web browsers.
The export-grade RSA codes are the remnants of 1980s-vintage effort to weaken cryptography so that intelligence agencies are able to monitor. This was done so deficiency that the scrapped policies are still throbbing us.
Hii I am James Mark Thanks for sharing such a great information. It’s really nice and informative. If you are searching Mac Support Number 1-844-292-4927in USA and Canada, if you are facing nay issues about Mac Technical Support 1-844-292-4927 Account then feel free to contact us 1-844-292-4927, we have Apple Certified Technician to resolve Apple Problems with in very short time period.
ReplyDeleteResolve Yahoo Mail problem in window and Mac Pc by calling Yahoo Tech support Helpline Number Reliable support for Yahoo Mail users. You can contact directly Yahoo Toll free helpline Number # 1-844-292-4927 USA
ReplyDelete