FREAK SSL/TLS Vulnerability

Imechapishwa: Mar 11, 2015 14:29

Reference No: FREAK SSL/TLS Vulnerability

FREAK (Factoring Attack on RSA-EXPORT Keys) SSL/TLS Vulnerability has been discovered, a weakness in some implementations of SSL/TLS.  It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force the two to use weakened encryption, which the attacker can break to steal or manipulate sensitive data. Microsoft has released a Security Advisory that includes a workaround for supported Windows systems. Users and administrators are encouraged to review the Security advisory released by Microsoft; Vulnerability Note VU#243585 and apply the necessary mitigations. For more information please visit: Microsoft Security Advisory and VU#243585

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Ripoti Tukio