The Redmond, Washington based company has warned that hundreds of millions of users of Windows PC are vulnerable to attacks because of the recent uncovering of a security vulnerability titled ‘Freak’, which could be exploited. Initially, it was believed that this security bug was only a threat to Mac computers and mobile devices, but that doesn’t seem to be the case now if the company’s announcement is to be believed. It was on Tuesday that the first news about the vulnerability came to light when nine security experts made a disclosure of ubiquitous internet encryption technology that would render devices running on the Android browser of Google Inc. and the iOS and Mac operating system of Apple Inc. vulnerable to cyberattacks.
On Thursday, the software giant decided to release a security advisory in order to give a warning to customers that their PCs were also vulnerable to the security bug called Freak. PCs that regularly connect with those webservers that have been configured on the basis of encryption technology are open to this vulnerability so they could become the target of attacks. The technology was weakened intentionally in order to comply with the regulations of the US government that ban the export of strong encryption.
If the hacking attempts are successful, the hackers would have access to all communications of the PCs and they would also be able to infect
They asserted that hours of computer time would be needed by the hackers in order to crack the encryption, which would be essential for launching the attack. According to people part of the security industry, this isn’t a very big issue because several ducks in a row would needed for accomplishing it. The hackers would first need to locate a web server that was vulnerable, then they would have to break the key, find a vulnerable mobile device or PC and then gain access to it for the attack to be successful.
System administrators were advised by Microsoft to implement a workaround that would disable settings on those servers that make use of weak encryption. The software giant said that there was an ongoing investigation into the flaw, but hadn’t yet come up with a security update that would provide Windows PC users protection from it. Apple, on the other hand, did make the announcement that it had developed a security update for this problem and would be rolled out to all iOS and Mac users in the next week so they could be secure. Google said that they had also developed a patch that had been given out to manufacturers of Android devices.