Scam of the day – March 9, 2015 – FREAK update

I reported to you last week about the disclosure of the serious FREAK vulnerability that can be exploited by hackers to enable them to decrypt what people believe are safe and secure encrypted communications of their computers and other electronic devices.  This potentially puts you in a position where your communications carrying sensitive information such as credit card information, passwords, credit card information and more could be intercepted by an identity thief who could use this information to make you a victim of identity theft.  This vulnerability is similar to last year’s Heartbleed in that it is not malware, but merely a flaw that has existed in much used security software that has been around for years, but only discovered a few weeks ago.  Efforts to come up with patches to correct the flaw are moving ahead and some temporary solutions have been offered by Google and Microsoft.

TIPS

Here are some helpful links.

This is the link to the Department of Homeland Security’s most recent update on the problem.  http://www.kb.cert.org/vuls/id/243585

This is the link to the Microsoft Security Advisory regarding FREAK.  https://technet.microsoft.com/library/security/3046015.aspx

Finally, here is a link to a website that has a lot of helpful information about the extent of the problem and the present status of patches and updates.  https://freakattack.com/  By going to this website in your browser, you will find out at the top of the opening page of the website whether or not your browser is affected.

 

Leave a Reply

Your email address will not be published. Required fields are marked *