FREAK is a recently discovered vulnerability in the SSL and TLS cryptographic protocols that might put hundreds of secure connections at risk. It is not specific to Windows, but Microsoft's operating system is indeed its latest victim. As Microsoft's investigation shows, the bug allows an attacker to downgrade the cipher suites used in SSL/TLS connections.
The FREAK bug lets cybercriminals hijack and decode communications between servers and clients. In short, once the encryption is cracked, attackers could steal passwords and various personal data. Once this information is stolen, the website at issue becomes vulnerable to further dangerous interceptions.
Deciphering the FREAK Vulnerability
Computer scientists underline that both servers and clients are equally at risk. As their thorough analysis shows, more than a third of all servers with browser-trusted certificates are in danger.
Browsers are affected by the attack because of bugs that let an attacker force the use of weak, export-grade encryption. Among the endangered browsers are Internet Explorer, Chrome on both Android and Mac, Safari on Android/Mac, etc. Originally, the FREAK bug was thought to affect only users of BlackBerry and Android phones, as well as users of Apple's Safari web browser.
The good news is that Chrome for Windows and all versions of Firefox are not exposed to the FREAK threat. Researchers warn, however, that even if a browser is safe, certain adware and rogue antivirus products intercept TLS connections themselves and can reintroduce the problem.
How to Protect Your Server or Browser?
Server operators should disable support for TLS export cipher suites as soon as possible; once those suites are gone, the downgrade has nothing to fall back to. They should also consider disabling any other cipher suites that may be insecure.
It is imperative that browsers are kept up to date, and all users should check for updates frequently. Fortunately, researchers at the University of Michigan are working towards releasing a list of critical updates that could fix the FREAK bug.
The same scientists also established a website that can check if your browser is at risk. They also created a list of popular websites currently exposed to the attack.