Jump to content

Apple stops the 'FREAK' in its tracks


Recommended Posts

http://cdn.mos.techradar.com/art/TRBC/Software/Yosemite/Safari%201-470-75.jpg

Apple has issued a new security update in order to protect its range of products from the so-called "FREAK" vulnerability.

The updates, which cover OS X as well as iOS and AppleTV, address the vulnerability that is able to take advantage of a flaw in SSL/TSL connections and allow secure communications to be manipulated.

FREAK, or factoring attack on RSA-EXPORT keys, allows attackers to decrypt traffic sent over an HTTPS connection between end users and websites. Attackers are able to use the exploit when an end-user using a vulnerable device connects to an HTTPS-protected site that is also vulnerable and the only ones at risk are sites using a weak cipher that was supposed to have been retired a while ago.

How to update

Attackers can manipulate this by introducing a weaker 512-bit encryption key into the protected session and then collecting any information passed over this exchange by using a low-cost method in the cloud.

AppleTV 7.1, iOS 8.2 and Security Update 2015-002 can all be downloaded on the relevant devices and doing so protects against information being pilfered by attackers.

Via: Apple

http://rss.feedsportal.com/c/669/f/415085/s/443dfb52/sc/4/mf.gif


http://da.feedsportal.com/r/223514783294/u/49/f/415085/c/669/s/443dfb52/sc/4/rc/1/rc.img
http://da.feedsportal.com/r/223514783294/u/49/f/415085/c/669/s/443dfb52/sc/4/rc/2/rc.img
http://da.feedsportal.com/r/223514783294/u/49/f/415085/c/669/s/443dfb52/sc/4/rc/3/rc.img

http://da.feedsportal.com/r/223514783294/u/49/f/415085/c/669/s/443dfb52/sc/4/a2.imghttp://pi.feedsportal.com/r/223514783294/u/49/f/415085/c/669/s/443dfb52/sc/4/a2t.imgBpvORodvzlY
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...