Apple And Google Announce FREAK SLL Vulnerabilty Fixes

Posted: Mar 4 2015, 1:42am CST | by , Updated: Mar 4 2015, 2:17am CST, in News | Technology News

 
Apple and Google announce FREAK SLL Vulnerabilty Fixes
Photo Credit: Getty Images

Don't Miss: This How to find Fingerlings in Stock

Apple will update OS X and iOS to close a security whole in secure HTTP communications. Google already supplied a patch to its Android partners.

A new SSL vulnerability has been discovered yesterday that allows man-in-the-middle attacks of traffic between Android, iOS and OS X devices and secure HTTP sites including banks and credit card companies. The FREAK attack, FREAK stands for Factoring attack on RSA-EXPORT Keys, is critical as it is a cheap and rather fast hack. Ars Technica reports that an attack costs $100 per site and takes 7 hours to perform.

Apple and Google reacted reasonably quick and announced according to Reuters fixes for FREAK. Google spokeswoman Liz Markman said that they already developed a patch, and provided it to its partners. Google is though not in control when its partners are releasing the patch to its customers.

Apple spokesman Ryan James said that the software update to fix FREAK will be released for iOS and OS X next week.

A research team from organizations that include INRIA Paris-Rocquencourt and Microsoft have published FREAK and several other SSL-related vulnerabilities disclosed on Tuesday. The vulnerability is described in CVE-2015-0204.

The fix FREAK it also requires web site owners to patch their Secure Socket Layer implementation. From 14 million sites scanned more than 36% are vulnerable. Websites that support RSA export cipher suites (e.g., TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) are at risk to having HTTPS connections hacked.

To find out more visit the Freak Attack site. The site lists web sites that are still vulnerable and unsafe to use. As of March 3. 9pm EST the list of insecure sites include AmericanExpress.com, jcrew.com, bloomberg.com and kohls.com.

Holiday Gift Guides and Deals

Get your Holiday gifting inspired by Best Toy Gifts with High STEM Value and the Top 10 toy gifts under $10 if you are on budget. The most popular Holiday 2017 toy list include Fingerlings, Crate Creatures and more. Don't miss the new Holiday deals on Amazon Devices, including $29.99 Fire tablet.

This story may contain affiliate links.

This free App Solves You Holiday Shopping Problem


Download the free Tracker app now to get in-stock alerts on Fingerling, Luvabella, SNES Classic and more.

Latest News

Comments

The Author

<a href="/latest_stories/all/all/2" rel="author">Luigi Lugmayr</a>
Luigi Lugmayr () is the founding chief Editor of I4U News and brings over 15 years experience in the technology field to the ever evolving and exciting world of gadgets. He started I4U News back in 2000 and evolved it into vibrant technology magazine.
Luigi can be contacted directly at ml@i4u.com.

 

 

Advertisement

comments powered by Disqus