Hundreds of millions of Windows PC users are vulnerable to attacks exploiting the recently uncovered “FREAK” security vulnerability, which was initially believed to only threaten mobile devices and Mac computers, Microsoft Corp warned.
News of the vulnerability surfaced on Tuesday when a group of nine security experts disclosed that ubiquitous Internet encryption technology could make devices running Apple Inc’s iOS and Mac operating systems, along with Google Inc’s Android browser, vulnerable to cyberattacks.
Microsoft released a security advisory on Thursday warning customers that their PCs were also vulnerable to the “FREAK” vulnerability.
The weakness could allow attacks on PCs that connect with Web servers configured to use encryption technology intentionally weakened to comply with US government regulations banning exports of the strongest encryption.
If hackers are successful, they could spy on communications as well as infect PCs with malicious software, the researchers who uncovered the threat said on Tuesday.
The Washington Post on Tuesday reported that whitehouse.gov and fbi.gov were among the sites vulnerable to these attacks, but that the government had secured them.
Security experts said the vulnerability was relatively difficult to exploit, because hackers would need to use hours of computer time to crack the encryption before launching an attack.
“I don’t think this is a terribly big issue, but only because you have to have many ducks in a row,” Qualys Inc director of engineering for cybersecurity Ivan Ristic said.
That includes finding a vulnerable Web server, breaking the key, finding a vulnerable PC or mobile device, and then gaining access to that device.
Microsoft advised system administrators to employ a workaround to disable settings on Windows servers that allow use of the weaker encryption. It said it was investigating the threat and had not yet developed a security update that would automatically protect Windows PC users from the threat.
Apple Inc said it had developed a software update to address the vulnerability, which would be pushed out to customers next week.
Google Inc said it had also developed a patch, which it provided to partners that make and distribute Android devices.
“FREAK” stands for Factoring RSA-Export Keys.
NEW IMPORTS: Car dealer PG Union Corp said it would consider introducing US-made models such as the Jeep Grand Cherokee and Stellantis’ RAM 1500 to Taiwan Tesla Taiwan yesterday said that it does not plan to cut its car prices in the wake of Washington and Taipei signing the Agreement on Reciprocal Trade on Thursday to eliminate tariffs on US-made cars. On the other hand, Mercedes-Benz Taiwan said it is planning to lower the price of its five models imported from the US after the zero tariff comes into effect. Tesla in a statement said it has no plan to adjust the prices of the US-made Model 3, Model S and Model X as tariffs are not the only factor the automaker uses to determine pricing policies. Tesla said
OpenAI has warned US lawmakers that its Chinese rival DeepSeek (深度求索) is using unfair and increasingly sophisticated methods to extract results from leading US artificial intelligence (AI) models to train the next generation of its breakthrough R1 chatbot, a memo reviewed by Bloomberg News showed. In the memo, sent on Thursday to the US House of Representatives Select Committee on China, OpenAI said that DeepSeek had used so-called distillation techniques as part of “ongoing efforts to free-ride on the capabilities developed by OpenAI and other US frontier labs.” The company said it had detected “new, obfuscated methods” designed to evade OpenAI’s defenses
China’s top chipmaker has warned that breakaway spending on artificial intelligence (AI) chips is bringing forward years of future demand, raising the risk that some data centers could sit idle. “Companies would love to build 10 years’ worth of data center capacity within one or two years,” Semiconductor Manufacturing International Corp (SMIC, 中芯) cochief executive officer Zhao Haijun (趙海軍) said yesterday on a call with analysts. “As for what exactly these data centers will do, that hasn’t been fully thought through.” Moody’s Ratings projects that AI-related infrastructure investment would exceed US$3 trillion over the next five years, as developers pour eye-watering sums
Bank of America Corp nearly doubled its forecast for the nation’s economic growth this year, adding to a slew of upgrades even after a rip-roaring last year propelled by demand for artificial intelligence (AI). The firm lifted its projection to 8 percent from 4.5 percent on “relentless global demand” for the hardware that Taiwanese companies make, according to a note dated yesterday by analysts including Xiaoqing Pi (皮曉青). Taiwan’s GDP expanded 8.63 percent last year, the fastest pace since 2010. The increase “reflects our sustained optimism over Taiwan’s technology driven expansion and is reinforced by several recent developments,” including a more stable currency,
RSS