Windows and Internet Explorer are Vulnerable to FREAK Attack, Microsoft Confirms
Recently, the digital world was introduced to a new form of security threat called the FREAK attack. It exploits old security flaws to cripple modern day browsers and make them a heaven for hackers. The security vulnerability was found earlier this week by a team of security experts who revealed that decades-old encryption security running on mobile devices, Mac computers and iOS makes these platforms vulnerable to attacks.
At the time, it was thought that Windows and Internet Explorer are both safe from this cyber threat. However, according to Microsoft, that isn’t the case as millions of Windows PCs are at risk too.
Microsoft issued a warning to users, letting them know that they aren’t secure from FREAK attacks. Affected platforms include Windows RT, Windows Vista, Windows Server 2003, Server 2008 and all other public versions of Windows.
PCs connected with web servers using encryption technology are at risk. The technology is intentionally made weak to meet US regulations, who banned the export of the strong encryption.
If hackers manage to crack it, they can spy on our communications and infect millions of PCs with malicious software.
For Windows users, the only available fix is to manually guide the system and tell which ciphers can be used. On the other hand, Google was quick to react and has released patch for its browser on Mac.
Firefox remains the most secure and is safe to use across all platforms. The issue with FREAK isn’t in the vulnerability of the encryption, it’s in how the government intentionally made it weak. The government standardized weak cryptography in an attempt to gain control.
The problem remained undetected for over a decade suggests that agencies like the NSA or the FBI could have been a victim of cyber attacks themselves, without even knowing it.
NSA thinks they have complete control but are they really the ones in control? Government agencies themselves provided a backdoor to hackers which we don’t know for how long and for what purposes could have been exploiting such vulnerabilities.