Mar 11, 2015

Microsoft gets its FREAK on fast, patches encryption bug in Windows


Microsoft today patched Windows to prevent possible FREAK attacks against users of Internet Explorer (IE).

MS15-031 patches Schannel, the set of Windows protocols that, among other things, accesses the OS's cryptographic features to encrypt traffic between browsers and website servers using SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security).

Even though Microsoft acknowledged last week that Windows was susceptible to FREAK attacks -- adding millions more potential victims -- the company reminded everyone today that the flaw wasn't exclusive to Windows, using boilerplate that it typically trots out in such instances.

To read this article in full or to leave a comment, please click here