Tuesday, March 10, 2015

FREAK

Microsoft Security Bulletin MS15-031:

This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed FREAK technique, an industry-wide issue that is not specific to Windows operating systems. The vulnerability could allow a man-in-the-middle (MiTM) attacker to force the downgrading of the key length of an RSA key to EXPORT-grade length in a TLS connection. Any Windows system using Schannel to connect to a remote TLS server with an insecure cipher suite is affected.

Apple Security Update 2015-002:

Secure Transport accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites. This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys.

Reader François Joseph notes that Apple has not made this fix available to users of the pre-release Mac OS X 10.10.3. However, he successfully applied the 10.10.2 package using Pacifist with seemingly no ill effects.

Update (2015-03-10): Lee Hutchinson:

First publicized a week ago, the “FREAK” vulnerability can be used by an attacker to force someone’s SSL/TLS connection to a Web server to use a weak 512-bit key, which the attacker can then factor with a relatively trivial amount of work and thereby decrypt and/or modify the supposedly secure connection. The vulnerability affects OS X, iOS, Android, and Windows devices. The acronym “FREAK” stands for “Factoring attack on RSA-EXPORT Keys,” which references the fact that the 512-bit weak keys are so-called legacy “export-grade” keys mandated for use in the 1990s with cryptographic hardware and software built in the US but intended for sale outside of the country.

Comments RSS · Twitter

Leave a Comment