3/6/2015
03:05 PM

Scope Of FREAK Flaw Widens As Microsoft Says Windows Affected Too

Researchers had originally thought only Safari and Android affected by flaw.

The number of users at risk from the recently discovered Factoring attack on RSA-Export Keys (FREAK) flaw has increased substantially with Microsoft’s confirmation Thursday that all supported releases of Windows are vulnerable to attacks that exploit the issue. 

However, security researchers remain optimistic that the actual chances of the flaw being exploited widely remain relatively low, simply because of the effort required to pull off the attack.

In a security alert, Microsoft said it was aware of a “security feature bypass” vulnerability in the Secure Channel security package that implements Secure Sockets Layer (SSL) and Transport Layer Security (TLS) in Windows.

The vulnerability could allow an attacker to force the downgrade of encryption protocols used in an SSL/TLS connection between a Windows client system and a server, Microsoft said.

“The vulnerability facilitates exploitation of the publicly disclosed FREAK technique, which is an industry-wide issue that is not specific to Windows operating systems,” the company noted.

Microsoft will provide a fix through its monthly release process or provide an out-of-cycle security update, the company said.

Enterprises should pay attention to the news, because a vast majority of them run Windows systems, says Sekhar Sarukkai, co-founder and vice president of engineering at Skyhigh Networks. “It is important because it can have an impact on the insider threat issue,” Sarukkai said.

A Windows user with malicious intent can potentially take advantage of the flaw to force a downgrade of the encryption protocols and gain illegal access to systems and data, he said.

Sarukkai said that Skyhigh has discovered that at least 695 cloud service providers are also vulnerable to the issue, including leading backup, HR, security, CRM and ERP service providers.

Simon Crosby, CTO of Bromium, said news about Microsoft Windows also being vulnerable means FREAK is more serious than initially thought. “More broadly, the bug brings up some pretty serious questions about how the security protocols of yesteryear may affect us today and in the future,” he said in an emailed statement. “The older your infrastructure, the more likely latent vulnerabilities will surface, as they have in this case.” The message for CIOs is to upgrade and patch where they can, he said.

When Microsoft and researchers at INRIA and IMDEA first reported the FREAK vulnerability earlier this week, they described the flaw as only affecting Apple’s Safari TLS/SSL clients and Google’s Android OpenSSL clients.

The vulnerability basically gives attackers a way to weaken and break the encryption that is used to protect communications between a client browser and a web server. It takes advantage of the fact that millions of websites that issue browser-trusted SSL certs based on current crypto standards also still support the archaic 512-bit “export-grade” RSA cipher suites of SSL/TLS that many assumed had become extinct years ago.

The support is a hangover from the 1990s when a U.S. government ban on the export of strong encryption tools resulted in technology firms shipping 512-bit encryption products overseas instead. 

As cryptographer Matthew Green explains, this resulted in U.S. servers needing to support both weak and strong encryption protocols. To cope with this, SSL designers developed a sort of negotiating mechanism to identify the best protocol to use for clients supporting strong encryption and for those with the weaker 512-bit crypto.

Over the years the ban on encryption exports was lifted, but millions of servers around the world still support both strong and weak crypto, contrary to what security researchers had assumed.

Modern TLS clients from Apple, Google, and, with Wednesday’s announcement, Microsoft, have a bug that allows attackers to take advantage of this fact, and essentially trick a web server into using the weaker 512-bit encryption during a session.

According to the security researchers who discovered the flaw, an attacker would need just over seven hours to crack the session key and essentially intercept traffic in clear text as it flows between the browser and server and steal data or launch attacks against the web server.

Nearly one-quarter of all SSL-encrypted websites are believed vulnerable to the flaw.

Pulling off an attack though is not easy, because it would require an attacker to first identify a vulnerable client and web server and then launch a man-in-the-middle attack to intercept and manipulate the session between the browser and server.

“This is still a highly targeted attack however, since the attacker must target specific sites with support for export encryption and then spend the effort to crack their 512-bit RSA ephemeral key,” says Craig Young, senior security researcher at Tripwire. The attack is only possible if server administrators have left the weaker "export" ciphers enabled, he said in emailed comments.

“Windows users should not be particularly concerned about this attack, but it would be wise to disable the RSA key exchange ciphers as Microsoft recommends particularly on systems which are used on public wireless networks.” 
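The two defensive points in the passages above, the client-side bug that lets a server’s temporary 512-bit RSA key be accepted in a handshake that never negotiated an export suite, and the advice to disable export and RSA key-exchange ciphers on servers, can be illustrated in a small Python model. This is an added example, not code from the article, Microsoft, or the INRIA/IMDEA researchers; the cipher-suite list is constructed, and the handshake check is a simplified model of the rule a patched client enforces rather than a full TLS implementation.

```python
"""Two defensive checks drawn from the FREAK write-up (added example, simplified).

1. audit_cipher_suites(): flag export-grade and static-RSA key-exchange suites
   in a server's enabled cipher list, i.e. what an administrator should remove.
2. client_accepts_handshake(): the client-side acceptance rule whose absence is
   the FREAK client bug. A temporary RSA key in ServerKeyExchange is only legal
   when the negotiated suite really is an RSA_EXPORT suite.
"""

from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample input (not from any real server): IANA suite names as a
# scanner or TLS library would report a server's enabled cipher suites.
SAMPLE_SERVER_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
]


def is_export_suite(suite: str) -> bool:
    """True for the 1990s 'export-grade' suites (40-bit ciphers, 512-bit RSA/DH)."""
    return "_EXPORT_" in suite or "_EXPORT1024_" in suite


def uses_static_rsa_key_exchange(suite: str) -> bool:
    """True for suites that encrypt the premaster secret to the server's RSA key."""
    return suite.startswith("TLS_RSA_WITH_")


def audit_cipher_suites(suites: List[str]) -> List[Tuple[str, str]]:
    """Return (suite, reason) for every enabled suite an administrator should drop."""
    findings = []
    for suite in suites:
        if is_export_suite(suite):
            findings.append((suite, "export-grade: 512-bit RSA key is factorable in hours"))
        elif uses_static_rsa_key_exchange(suite):
            findings.append((suite, "RSA key exchange: no forward secrecy, prefer ECDHE/DHE"))
    return findings


@dataclass
class ServerKeyExchange:
    """Only the field of a ServerKeyExchange this model needs (hypothetical type)."""
    rsa_modulus_bits: int


def client_accepts_handshake(offered: List[str], selected: str,
                             ske: Optional[ServerKeyExchange]) -> Tuple[bool, str]:
    """Simplified client-side rule for an RSA-family handshake.

    Returns (accepted, reason). A patched client enforces two things:
      * the suite in ServerHello must be one the client actually offered, and
      * a temporary RSA key (ServerKeyExchange) is only acceptable when the
        negotiated suite is an RSA_EXPORT suite.
    The second check is the one FREAK-affected clients were missing: a
    man-in-the-middle could hand them a server's 512-bit export key inside a
    handshake that, from the client's point of view, used a strong suite.
    """
    if selected not in offered:
        return False, "server selected a suite the client never offered"
    if ske is None:
        return True, "no temporary key; premaster secret goes to the certificate key"
    if not is_export_suite(selected):
        return False, "temporary RSA key received for a non-export suite (FREAK downgrade)"
    # Reaching here means the client itself offered an export suite, which a
    # modern client should never do; the audit above is the fix for that side.
    return True, f"export suite negotiated with {ske.rsa_modulus_bits}-bit temporary key"


if __name__ == "__main__":
    for suite, reason in audit_cipher_suites(SAMPLE_SERVER_SUITES):
        print(f"REMOVE {suite}: {reason}")
    offered = ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA"]
    # Downgrade attempt: strong suite in ServerHello, 512-bit temporary key attached.
    print(client_accepts_handshake(offered, "TLS_RSA_WITH_AES_128_CBC_SHA",
                                   ServerKeyExchange(rsa_modulus_bits=512)))
```

The audit is the server-side remediation the article describes; the handshake function shows why a client fix was also needed, since a server that still offers export suites cannot tell whether the export request came from the real client or from a man-in-the-middle.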

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication.

Comments

MarcT326, User Rank: Apprentice, 3/9/2015 | 4:10:38 PM
Why did it take so long to recognize?
I'm a little puzzled...  When I first read about FREAK last week, I immediately visited the freakattack.com test site to see whether my device was vulnerable (of course, it was). The very next thing I did was to visit the same site from my Windows laptop, using Chrome, Firefox and IE - and in each case it reported that I was vulnerable.

It doesn't require a code review to predict the vulnerability; it merely requires a test, and since someone else already did the work to build that test... why did it take Microsoft this long to figure this out?  Or was it merely that it took this long for the bureaucratic wheels to grind out a press release? 
Obviously this is just a matter of days, against the backdrop of this being a decade-old vulnerability... but once the announcement is out there, seconds count - and it seems that Microsoft was asleep at the switch.