Initially, experts believed that the recently disclosed SSL/TLS vulnerability dubbed “FREAK” doesn’t affect Windows, but Microsoft confirmed on Thursday that all supported versions of its operating system are impacted.
According to Microsoft, the vulnerability exists in Secure Channel (Schannel), a security package that implements the SSL/TLS authentication protocols. An an attacker can exploit the flaw to downgrade an encrypted SSL/TLS session and force client systems to use a weaker, export-grade RSA cipher. Through a man-in-the-middle (MitM) attack, a malicious actor could intercept and decrypt encrypted traffic.
However, Microsoft says there is no evidence to suggest that the vulnerability has been exploited in the wild against its customers.
“Upon completion of this investigation, Microsoft will take the appropriate action to help protect customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs,” the company said in an advisory.
In the meantime, users are advised to disable RSA key exchange ciphers using the Group Policy Object Editor available in Windows Vista and later. This workaround is efficient because an attack can only be launched if the server supports export-grade cipher suites.
FREAK (Factoring attack on RSA-EXPORT Keys) affects several popular cryptographic software libraries, including OpenSSL versions prior to 1.0.1k (CVE-2015-0204), BoringSSL versions released before November 10, 2014, LibReSSL versions prior to 2.1.2, and Apple’s Secure Transport.
Web browsers such as Internet Explorer, Chrome on OS X and Android, Safari on OS X and iOS, the stock Android browser, BlackBerry Browser, and Opera on OS X and Linux are affected. Chrome for OS X has already been patched by Google, and Apple is expected to release patches for Safari next week.
FREAKattack.com, which monitors the status of the vulnerability, reported that more than a third of HTTPS servers with browser-trusted certificates were at risk as of March 3. The list of popular websites affected by the issue as of March 5 included the ones of American Express, 4Shared, GroupOn, MIT, and TalkTalk.
Export-grade encryption was introduced in 1990 when the United States government required organizations that distributed cryptography systems outside the country to deliberately weaken the strength of encryption keys.
Today, an attacker could easily recover the private key needed to decrypt communications. According to cryptography expert Matthew Green, the process can be completed in roughly 7.5 hours using Amazon’s EC2 service and it would only cost $104.
Experts advise Web server administrators to disable support for export-grade suits to mitigate the vulnerability. Servers can be tested using the SSL FREAK Check tool or Qualys’ SSL Server Test.