On March 5, Microsoft published a security advisory addressing the "Freak" vulnerability. "Freak" stands for "Factoring RSA-EXPORT Keys."
Understanding the "Freak" Vulnerability
Initially, a team of nine cybersecurity experts uncovered that common Internet encryption technology could make devices running Apple's IOS and Mac operating systems or Google's Android browser vulnerable to hacking.
Now, the possibility of attacks has spread to PCs that connect to Web servers using a weaker type of encryption technology. As explained by Finkle, this technology was intentionally weakened to adhere to U.S. government policies that banned exports of the stronger encryption technology.
According to Reuters, hackers exploiting the "Freak" vulnerability could potentially be able to view correspondence between users, as well as infect computers with malevolent software.
In a Washington Post report, whitehouse.gov and fbi.gov were listed as sites that could be susceptible to an attack. However, both sites were believed to have been secured by the government.
According to security experts, while it is possible for hackers to take advantage of the vulnerability, it isn't necessarily easy. Potential hackers would need to dedicate several hours of computer time to crack the encryption before achieving a successful attack.
"I don't think this is a terribly big issue, but only because you have to have many ducks in a row," said Ivan Ristic, director of engineering at cybersecurity firm Qualys Inc., suggesting that this vulnerability may not be as threatening as many thought when it was first reported.
Protecting Your Computer Against the "Freak" Virus
This is the second time in as many months that Microsoft has had to address a major vulnerability within its software. In February, the JASBUG virus was uncovered by cybersecurity firm JAS Global Advisors.
So far, Microsoft has advised system administrators to use a workaround that would disable settings on Windows servers that allow use of weaker encryption that enables the "Freak" exploit. Apple has also developed a software update to address the problem, and Google also developed a patch for its partners, who then distributed it to Android devices.
Our team publishes news articles for entrepreneurs five days a week. Our entrepreneur news articles review trends in business management, analyze the ramifications of regulatory initiatives, present relevant entrepreneurial research findings, and cover many other topics of interest to small business owners.