Apple and Microsoft release patches to fix FREAK vulnerability

 

Apple and Microsoft have released patches to fix the FREAK security vulnerability found last week in Mac OS X, iOS and Windows operating systems.
FREAK — short for Factoring attack on RSA-EXPORT Keys — allows hackers to decrypt HTTPS-protected Web traffic between browsers and millions of websites, so they can intercept data like login details and credit card numbers.
Microsoft published a number of critical security bulletins yesterday addressing vulnerabilities in both consumer and server editions of Windows, Internet Explorer, Office, SharePoint Server and Exchange Server.
These updates also introduce a patch against Stuxnet, a worm, discovered on Windows PCs in 2010, that was allegedly created by US intelligence to target Iranian nuclear facilities.
Meanwhile, Ars Technica reports that Apple has released a security package that includes fixes for the SSL vulnerability in Safari in OS X Mountain Lion, Mavericks and Yosemite.
In addition, its recent iOS update to version 8.2 included a FREAK fix for the company’s mobile devices.
➤ Microsoft Security Bulletin Summary for March 2015 [Microsoft Security TechCenter via PCWorld]