A security warning has been issued by Microsoft about a bug that can let attackers spy on the secure communities. This bug has been called as ‘Freak’ and found in the software that is used for encrypting data, which passes between web users and web servers. Initially this bug was believed to be affecting only some of the users of Blackberry phones and Android as well as the Safari web browser by Apple. This warning from Microsoft clearly suggests that millions can be prone to the risk of losing data.
Freak Flaw
The encryption and security expert Karthikeyan Bhargavan has discovered the Freak Flaw. This discovery highlighted the attacker can force data travelling between a vulnerable site and the visitor of the site can become vulnerable to use weak encryption. This will make it easier for the attackers to crack open the data and steal out the sensitive information. He added that hackers can easily and successfully spy on the communications as well as malicious software.the computers of the people with malicious software. According to a statistic collected by an anonymous group suggested that 9.5% of the internet’s top one million websites are vulnerable to these kinds of attacks. This monitoring group presented an online tool that will allow the people to check if the website they are using is vulnerable to the flaw.
Vulnerable to Flaw
Apple is being expected to roll out a patch for the freak flaw next week while on the other hand; Google has already updated its version of Chrome for the Mac to remove its vulnerability to the flaw. There is no word from Android pertaining to the actions they will be taking against this flaw. According to the security advisory note released on 5 March, Microsoft Company stated that each and every present window that utilizes Internet Explorer or any other non-Microsoft software that can be called as a part of the so called Secure channel of windows are susceptible to the Freak Flaw.
Microsoft Company has already issued advices to the people pertaining to the ways to remove the susceptibility from some of its software, however, they also alarmed the people that using and applying these fixes can cause potential problems with some of the other programs. According to the reports, Microsoft is currently working on an update meant for removing the vulnerability. In their advisory, Microsoft, stated that they have not received any kind of information, which could suggest that these security attacks or flaws have been actively subjugated by cyber criminals.
Apple and Microsoft have released out updates a week after the identification of the freak flaw and requires users to restart their system after installation of the updates. Reports suggest that Blackberry 10 browser still remain vulnerable. According to reports from the Washington posts, fbi.gov and the whitehouse.gov were still part of the websites who was vulnerable to these security attacks but the government was able to secure these websites.
So whether software companies believe or not but it is time for the windows user to be worried and freak.