Apple And Google Announce FREAK SLL Vulnerabilty Fixes

Posted: Mar 4 2015, 1:42am CST | by , Updated: Mar 4 2015, 2:17am CST, in Technology News


This story may contain affiliate links.

Apple and Google announce FREAK SLL Vulnerabilty Fixes
Photo Credit: Getty Images

Apple will update OS X and iOS to close a security whole in secure HTTP communications. Google already supplied a patch to its Android partners.

A new SSL vulnerability has been discovered yesterday that allows man-in-the-middle attacks of traffic between Android, iOS and OS X devices and secure HTTP sites including banks and credit card companies. The FREAK attack, FREAK stands for Factoring attack on RSA-EXPORT Keys, is critical as it is a cheap and rather fast hack. Ars Technica reports that an attack costs $100 per site and takes 7 hours to perform.

Apple and Google reacted reasonably quick and announced according to Reuters fixes for FREAK. Google spokeswoman Liz Markman said that they already developed a patch, and provided it to its partners. Google is though not in control when its partners are releasing the patch to its customers.

Apple spokesman Ryan James said that the software update to fix FREAK will be released for iOS and OS X next week.

A research team from organizations that include INRIA Paris-Rocquencourt and Microsoft have published FREAK and several other SSL-related vulnerabilities disclosed on Tuesday. The vulnerability is described in CVE-2015-0204.

The fix FREAK it also requires web site owners to patch their Secure Socket Layer implementation. From 14 million sites scanned more than 36% are vulnerable. Websites that support RSA export cipher suites (e.g., TLS_RSA_EXPORT_WITH_DES40_CBC_SHA) are at risk to having HTTPS connections hacked.

To find out more visit the Freak Attack site. The site lists web sites that are still vulnerable and unsafe to use. As of March 3. 9pm EST the list of insecure sites include,, and

This story may contain affiliate links.


Find rare products online! Get the free Tracker App now.

Download the free Tracker app now to get in-stock alerts on Pomsies, Oculus Go, SNES Classic and more.

Latest News


The Author

<a href="/latest_stories/all/all/2" rel="author">Luigi Lugmayr</a>
Manfred "Luigi" Lugmayr () is the founding Chief Editor of I4U News and brings over 25 years experience in the technology field to the ever evolving and exciting world of gadgets, tech and online shopping. He started I4U News back in 2000 and evolved it into vibrant technology news and tech and toy shopping hub.
Luigi can be contacted directly at ml[@]




comments powered by Disqus