About this tag
The FREAK vulnerability, short for Factoring attack on RSA-EXPORT Keys, is a security issue affecting Microsoft Windows through the Secure Channel (Schannel) component. Microsoft confirmed that all supported Windows versions are vulnerable to this attack, which allows an attacker to downgrade SSL/TLS encrypted sessions to use weaker export-grade RSA ciphers. This security feature bypass was addressed by Microsoft in Security Advisory 3046015, released in March 2015. The advisory provided guidance and clarified that no workaround exists for Windows Server 2003. Users were advised to check browser vulnerability and apply updates to mitigate the risk. The FREAK tag covers discussions on the vulnerability, its impact on Windows, and Microsoft's response.
-
Microsoft confirms FREAK vulnerability affects Windows as well
Ref: http://www.winbeta.org/news/microsoft-confirms-freak-vulnerability-affects-windows-well If you pop onto the site above it will check whether your browser is vulnerable to attack. Apparently the latest Chrome is fine as is IE (version 11.0.9800.0. the one that comes with win 10 build 9926)- kemical
- Thread
- attack browser build chrome cipher client systems encryption exploit freak internet explorer microsoft rsa schannel security ssl tls update version vulnerability windows
- Replies: 0
- Forum: Windows Security
-
Security Advisory 3046015 released
Today, we released Link Removed to provide guidance to customers in response to the SSL/TLS issue referred to by researchers as “FREAK” (Factoring attack on RSA-EXPORT Keys). Our investigation continues and we’ll take the necessary steps to protect our customers. MSRC Team Continue reading...- News
- Thread
- advisory freak msrc protection research rsa security ssl tls vulnerability
- Replies: 0
- Forum: Security Alerts
-
3046015 - Vulnerability in Schannel Could Allow Security Feature Bypass - Version: 1.1
Severity Rating: Important Revision Note: V1.1 (March 5, 2015): Advisory revised to clarify the reason why no workaround exists for systems running Windows Server 2003. See the Advisory FAQ for more information. Summary: Microsoft is aware of a security feature bypass vulnerability in Secure...- News
- Thread
- advisory attack best practices cipher downgrade freak important microsoft mitm schannel security server ssl tls vulnerability windows
- Replies: 0
- Forum: Security Alerts
-
Windows 7 Crackdown 2 Project Sunburst on WP7 & Xbox LIVE
Project Sunburst is the latest Crackdown title and brilliantly uses real-time backdrops from Bing Maps, based on your location, to provide an endless array of gameplay environments. The game uses the Windpws Phone 7 geo-tagging functionality to pin-point where you are, and you can build bases...- News
- Thread
- bing maps crackdown freak gameplay geo-tagging location maps sunburst windows phone xbox live
- Replies: 0
- Forum: Live RSS Feeds