Microsoft has revealed that all supported versions of its Windows operating system are vulnerable to attacks exploiting the so-called Freak security vulnerability.
They found that once intercepted, the connnections can be forced to use ‘export-grade’ cryptography, even if the weak algorithms are disabled by default.
Initially, only browsers in Android and iOS devices appeared to be vulnerable, but Microsoft said in a security advisory that it is aware of a security feature bypass vulnerability in its Secure Channel (Schannel) security component that implements the SSL and TLS protocols.
"The vulnerability facilitates exploitation of the publicly disclosed Freak technique, which is an industry-wide issue that is not specific to Windows operating systems,” the security advisory said.
However, Microsoft said Windows servers are not affected if the RSA export cipher at the heart of the Freak vulnerability is disabled.
Microsoft has given no indication whether a patch will be released as part of the next monthly scheduled security update or as a separate patch, but said users of Windows Vista and later versions could protect themselves by disabling RSA key exchange ciphers using the Group Policy Object Editor.
Although Microsoft Research was part of the team that uncovered the Freak vulnerability alongside European cryptographers, the software maker has been slow to disclose the vulnerability in Windows.
"The older your infrastructure, the more likely latent vulnerabilities will surface – as they have in this case,” said Simon Crosby, CTO and co-founder of endpoint security firm Bromium.
Read more about SSL vulnerabilities
- PrivDog compromises the secure sockets layer (SSL) protocol used to secure online transactions.
- Poodle SSL vulnerability has been patched, yet new vulnerabilities are causing concern.
- Researchers say the SSL flaw in Microsoft Windows could be worse than Heartbleed.
- Following Heartbleed, six more OpenSSL vulnerabilities have been discovered.
“Attackers will exploit any opportunity – and the legacy base is full of holes, so CIOs need to continually upgrade and patch where they can,” he added.
About one-third of encrypted websites, or 12% of all websites, are believed to be vulnerable, including several banks, media sites and government agencies.
Google has already released a fix and Apple is expected to release one soon. Independent security consultant Graham Cluley has advised website owners to disable support for any export suites on their web servers.
“Freakattack.com suggests that instead of simply excluding RSA export cipher suites, administrators should disable support for all known insecure ciphers and enable forward secrecy,” Cluley said in a blog post.
The vulnerability is the latest in a series of weaknesses discovered in SSL/TLS, the technology that was designed to keep online transactions secure.
Although the Freak vulnerability has existed for more than a decade, researchers said there is no evidence that any attackers have exploited the weakness to date.
Although security experts are advising organisations to patch their web servers and use only strong encryption algorithms, many have pointed out that the Freak vulnerability is not easy to exploit
“It will require several conditions to be met, so it is not as severe as Heartbleed, which could be readily exploited,” said TK Keanini, chief technology officer at security firm Lancope.
While it is not trivial to exploit, Keanini said the most advanced threat actors do have the capabilities to exploit this vulnerability, and all clients and servers should be configured not to allow weaker encryption.
Other commentators have gone so far as to suggest that the Freak vulnerability is little more than a hypothetical threat based on unusual conditions not likely to affect many users of the internet.
“An attack would require a sophisticated attacker with a set of tools and technology not in common use,” said Phil Lieberman, chief executive of Lieberman Software.
“The attack is very difficult to set up and is in the realm of state-sponsored physical intrusion of your internet connection or your Wi-Fi connection.”
Lieberman said that although the attack mechanism described is a valid methodology, it depends on the physical compromise of a connection and a series of coincidences, such as the target using a vulnerable browser to access a vulnerable website.
“Freak is a low-probability threat, so little needs to be done beyond upgrading to the latest versions of web server software and blocking weak encryption in browsers,” he added.