09:37
Apple has issued a new security update in order to protect its range of products from the so-called "FREAK" vulnerability.
The updates, which cover OS X as well as iOS and AppleTV, address the vulnerability that is able to take advantage of a flaw in SSL/TSL connections and allow secure communications to be manipulated.
FREAK, or factoring attack on RSA-EXPORT keys, allows attackers to decrypt traffic sent over an HTTPS connection between end users and websites. Attackers are able to use the exploit when an end-user using a vulnerable device connects to an HTTPS-protected site that is also vulnerable and the only ones at risk are sites using a weak cipher that was supposed to have been retired a while ago.
How to update
Attackers can manipulate this by introducing a weaker 512-bit encryption key into the protected session and then collecting any information passed over this exchange by using a low-cost method in the cloud.
AppleTV 7.1, iOS 8.2 and Security Update 2015-002 can all be downloaded on the relevant devices and doing so protects against information being pilfered by attackers.
Via: Apple
from TechRadar: All latest feeds http://ift.tt/1BnopDk
via IFTTT
0 commentaires :
Enregistrer un commentaire