62°F
weather icon Clear
Las Vegas, NV
Life

Windows PC users also vunerable to ‘freak’ attacks, warns Microsoft

(Thinkstock)
More Stories
FILE - Lucile Packard Children's Hospital at Stanford visitor Sheila Garcia, 3, wears befo ...
Study confirms suspicions about kids, germs
Over the past five years, the average premium for family coverage has increased by 26 percent, ...
A new car vs. health insurance? The soaring cost of coverage
The main concerns about dense breast tissue are that it makes breast cancer screening more comp ...
Diagnosed with dense breast tissue: What exactly does that mean?
Zinc is an essential mineral, but most people get enough from their diet without the need for s ...
When it comes to nutrition, more is not always better
By JIM FINKLE REUTERS
March 6, 2015 - 9:29 pm
 

BOSTON — Hundreds of millions of Windows PC users are vulnerable to attacks exploiting the recently uncovered “Freak” security vulnerability, which was initially believed to only threaten mobile devices and Mac computers, Microsoft Corp warned.

News of the vulnerability surfaced on Tuesday when a group of nine security experts disclosed that ubiquitous Internet encryption technology could make devices running Apple Inc’s iOS and Mac operating systems, along with Google Inc’s Android browser vulnerable to cyber attacks.

Microsoft released a security advisory on Thursday warning customers that their PCs were also vulnerable to the “Freak” vulnerability.

The weakness could allow attacks on PCs that connect with Web servers configured to use encryption technology intentionally weakened to comply with U.S. government regulations banning exports of the strongest encryption.

If hackers are successful, they could spy on communications as well as infect PCs with malicious software, the researchers who uncovered the threat said on Tuesday.

The Washington Post on Tuesday reported that whitehouse.gov and fbi.gov were among the sites vulnerable to these attacks, but that the government had secured them. (wapo.st/18KaxIA)

Security experts said the vulnerability was relatively difficult to exploit because hackers would need to use hours of computer time to crack the encryption before launching an attack.

“I don’t think this is a terribly big issue, but only because you have to have many ducks in a row,” said Ivan Ristic, director of engineering for cybersecurity firm Qualys Inc.

That includes finding a vulnerable web server, breaking the key, finding a vulnerable PC or mobile device, then gaining access to that device.

Microsoft advised system administrators to employ a workaround to disable settings on Windows servers that allow use of the weaker encryption. It said it was investigating the threat and had not yet developed a security update that would automatically protect Windows PC users from the threat.

Apple said it had developed a software update to address the vulnerability, which would be pushed out to customers next week.

Google said it had also developed a patch, which it provided to partners that make and distribute Android devices.

“Freak” stands for Factoring RSA-EXPORT Keys.

MOST READ
Don't miss the big stories. Like us on Facebook.
THE LATEST
FILE - Lucile Packard Children's Hospital at Stanford visitor Sheila Garcia, 3, wears befo ...
Study confirms suspicions about kids, germs
By Jonel Aleccia | The Associated Press

Autumn marks the start of respiratory virus season, when colds, flu and other bugs start circulating — especially among the very young.

Zinc is an essential mineral, but most people get enough from their diet without the need for s ...
When it comes to nutrition, more is not always better
By Barbara Intermill Tribune News Service

Many of the nutrients we need for optimal health are only necessary in tiny amounts. If we continuously exceed those amounts, there may be consequences.

 
How to stay mentally sharp as you age
By Jim Miller Savvy Senior

While our genes play a key role in determining our cognitive aging, our general health also plays a big factor.

A stay in the hospital does not always mean you are an inpatient and that you qualify for skill ...
Who pays for a skilled nursing stay, Medicare or you?
By Toni King Toni Says

A stay in the hospital does not always mean you are an inpatient and that you qualify for skilled nursing facility care through Medicare Part A.

Veterinarian Patrick Smith, left, discusses raw milk with dairyman and producer Mark McAfee at ...
Who benefits from the MAHA anti-science push?
By Michelle R. Smith and Laura Ungar Associated Press

Powerful anti-vaccine advocates and people selling potentially harmful goods such as raw milk are profiting from the push to write anti-science policies into law across the U.S.

MORE STORIES