Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Tech

‘FREAK’ security flaw affecting Microsoft PCs

By Nicole Bogart Global News
Posted March 9, 2015 9:32 am
2 min read
Heartbleed bug View image in full screen
File/Getty Images
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

TORONTO – Millions of Windows PCs are vulnerable to a decades-old security flaw called “FREAK” that leaves users susceptible to hackers when visiting supposedly secure websites, according to Microsoft.

The security vulnerability allows hackers to spy on users by breaking the secure connection between their device’s web browser and websites.

Last week it was reported the flaw affected Android and Apple users through Apple’s Safari browser (on both mobile devices and Mac computers) and Android’s default browser. Microsoft’s systems were not believed to be affected.

However, Microsoft later released a security advisory on its website warning users that their PCs were also vulnerablec to the “FREAK” flaw.

“Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows,’” reads the security advisory.

Story continues below advertisement

“When this security advisory was originally released, Microsoft had not received any information to indicate that this issue had been publicly used to attack customers.”

Breaking news from Canada and around the world sent to your email, as it happens.

FREAK was the result of a former U.S. government policy that required U.S. software-makers to use weaker security in encryption programs sold overseas. Although the policy was changed in the 1990s, weaker encryption was still used in widely used software.

READ MORE: ‘FREAK’ security flaw left Android, Apple users vulnerable to hackers

More on Science and Tech

A team of security researchers recently discovered that many websites can still be tricked into accepting the weaker software, allowing hackers to break encryption that’s supposed to prevent digital eavesdropping.

Trending Now

Currently, there’s no evidence any hackers have exploited the weakness, which companies are working to repair. However, if a hacker were to have exploited the flaw, they would have been able to see users’ sensitive information including passwords and credit card information.

Microsoft has not yet developed a security patch for its devices; however, it is working on a solution.

“Upon completion of this investigation, Microsoft will take the appropriate action to help protect customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs,” read the security advisory.

Story continues below advertisement

In the meantime, Windows users can use web browsers not affected by the FREAK flaw for added security, including Google Chrome and Mozilla Firefox.

To check if your web browser is affected by FREAK click here.

© 2015 Shaw Media

Sponsored content

AdChoices