Critical weakness in some implementations of SSL/TLS: updated versions, Security Advisory, and solutions.



Connectikpeople.co recalls that FREAK (Factoring Attack on RSA-EXPORT Keys CVE-2015-0204) is a weakness in some implementations of SSL/TLS that may allow an attacker to decrypt secure communications between vulnerable clients and servers.

Google has released an updated version of its Android OS and Chrome browser for OS X to mitigate the vulnerability. Microsoft has released a Security Advisory that includes a workaround for supported Windows systems.

Therefore, Users and Administrators are encouraged to review Vulnerability Note VU#243585 for more information and apply all necessary mitigations as vendors make them available. Users may visit freakattack.com to help determine whether their browsers are vulnerable. 

(Note: Connectikpeople.co does not endorse any product or service. The links are provided for informational purposes only.)

Popular Posts