‘FREAK’ vulnerability identified on Windows, Apple and Android

Written by:
Date Posted:
10 March 2015

The latest in a string of security vulnerabilities has been uncovered. Affecting encryption in web browsers, the loophole could allow hackers to access private information.

The FREAK (Factoring RSA Export Keys) bug affects Windows, Apple and Android web browsers and devices. The vulnerability dates back more than a decade and was uncovered last week by an encryption and security expert.

The bug is thought to be an unwanted result of a previous US encryption policy that stopped the export of stronger encryption technology to other countries. Therefore weaker encryption was used on certain websites and software to comply with the regulations at the time.

The FREAK vulnerability could allow attackers to spy on supposedly secure connections over a browser. This bug could potentially affect millions of iPhone, iPad, Android and personal computer users.

FREAK works by exploiting the vulnerability when a secure connection is made, but before the encryption has taken place. Therefore attackers could potentially decrypt login information from your HTTPS connection.

Apple, Google and Microsoft are preparing patches and security updates, which are expected to be released this week. Google have already updated their version of Chrome for Mac users.

Users are advised to be extra cautious whilst making transactions online and to update their devices and browsers as soon as the updates are released.

No votes yet.
Please wait...

Find out why Safestore adopted Hyve as their hosting provider

Case Studies

Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.