Computers running all supported releases of Microsoft Windows are vulnerable to FREAK, a decade-old encryption flaw that leaves device users vulnerable to having their electronic communications intercepted when visiting any of hundreds of thousands of websites.
The flaw was previously thought to be limited to Apple's Safari and Google's Android browsers. But Microsoft warned that the encryption protocols used in Windows were also vulnerable to the flaw. The FREAK flaw surfaced a few weeks ago when a group of researchers discovered they could force websites to use intentionally weakened encryption, which they were able to break within a few hours.Read more
Tech firms are rushing to fix a disastrous security flaw, stemming from the US government’s requirement of lower encryption standards, that for over a decade left millions of users visiting 'secured' websites exposed to potential attacks.
Experts have discovered a massive flaw that allows attackers to decrypt HTTPS-protected traffic passing between millions of websites and users of vulnerable devices, including Android and Apple smartphones and tablets. Researchers found that some websites that use SSL or TLS protocols, including government ones, are vulnerable and could be tricked into setting up a connection through weak encryption keys.Read more