Apple And Google Announce FREAK SLL Vulnerabilty Fixes

Posted: Mar 4 2015, 1:42am CST | by , Updated: Mar 4 2015, 2:17am CST, in News | Technology News


Apple and Google announce FREAK SLL Vulnerabilty Fixes
Photo Credit: Getty Images

Apple will update OS X and iOS to close a security whole in secure HTTP communications. Google already supplied a patch to its Android partners.

A new SSL vulnerability has been discovered yesterday that allows man-in-the-middle attacks of traffic between Android, iOS and OS X devices and secure HTTP sites including banks and credit card companies. The FREAK attack, FREAK stands for Factoring attack on RSA-EXPORT Keys, is critical as it is a cheap and rather fast hack. Ars Technica reports that an attack costs $100 per site and takes 7 hours to perform.

Apple and Google reacted reasonably quick and announced according to Reuters fixes for FREAK. Google spokeswoman Liz Markman said that they already developed a patch, and provided it to its partners. Google is though not in control when its partners are releasing the patch to its customers. 

Apple spokesman Ryan James said that the software update to fix FREAK will be released for iOS and OS X next week.

A research team from organizations that include INRIA Paris-Rocquencourt and Microsoft have published FREAK and several other SSL-related vulnerabilities disclosed on Tuesday. The vulnerability is described in CVE-2015-0204.

The fix FREAK it also requires web site owners to patch their Secure Socket Layer implementation. From 14 million sites scanned more than 36% are vulnerable. Websites that support RSA export cipher suites (e.g., TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) are at risk to having HTTPS connections hacked. 

To find out more visit the Freak Attack site. The site lists web sites that are still vulnerable and unsafe to use. As of March 3. 9pm EST the list of insecure sites include,, and

You May Like


The Author

<a href="/latest_stories/all/all/2" rel="author">Luigi Lugmayr</a>
Luigi Lugmayr () is the founding chief Editor of I4U News and brings over 15 years experience in the technology field to the ever evolving and exciting world of gadgets. He started I4U News back in 2000 and evolved it into vibrant technology magazine.
Luigi can be contacted directly at




Leave a Comment

Share this Story

Follow Us
Follow I4U News on Twitter
Follow I4U News on Facebook

You Also Like


Read the Latest from I4U News