Many Android and iOS apps still vulnerable to FREAK attacks

March 18, 2015

Via: hacker

Your may no longer be vulnerable to FREAK attacks, but what about the mobile you use? According to FireEye researchers, who have tested the most popular apps both for and for , a considerable number of them are left open to a FREAK attack, as they contain vulnerable versions of the OpenSSL and SecureTransport libraries.

“Even after vendors patch Android and iOS, such apps are still vulnerable to FREAK when connecting to servers that accept RSA_EXPORT cipher suites. That’s why some iOS apps are still vulnerable to FREAK attack after Apple fixed the iOS FREAK vulnerability in iOS 8.2 on March 9,” the researchers explained.

Read More