Hundreds of millions of Windows PC users are vulnerable to attacks exploiting the recently uncovered “FREAK” security vulnerability, which was initially believed to only threaten mobile devices and Mac computers, Microsoft Corp warned.
News of the vulnerability surfaced on Tuesday when a group of nine security experts disclosed that ubiquitous Internet encryption technology could make devices running Apple Inc’s iOS and Mac operating systems, along with Google Inc’s Android browser, vulnerable to cyberattacks.
Microsoft released a security advisory on Thursday warning customers that their PCs were also vulnerable to the “FREAK” vulnerability.
The weakness could allow attacks on PCs that connect with Web servers configured to use encryption technology intentionally weakened to comply with US government regulations banning exports of the strongest encryption.
If hackers are successful, they could spy on communications as well as infect PCs with malicious software, the researchers who uncovered the threat said on Tuesday.
The Washington Post on Tuesday reported that whitehouse.gov and fbi.gov were among the sites vulnerable to these attacks, but that the government had secured them.
Security experts said the vulnerability was relatively difficult to exploit, because hackers would need to use hours of computer time to crack the encryption before launching an attack.
“I don’t think this is a terribly big issue, but only because you have to have many ducks in a row,” Qualys Inc director of engineering for cybersecurity Ivan Ristic said.
That includes finding a vulnerable Web server, breaking the key, finding a vulnerable PC or mobile device, and then gaining access to that device.
Microsoft advised system administrators to employ a workaround to disable settings on Windows servers that allow use of the weaker encryption. It said it was investigating the threat and had not yet developed a security update that would automatically protect Windows PC users from the threat.
Apple Inc said it had developed a software update to address the vulnerability, which would be pushed out to customers next week.
Google Inc said it had also developed a patch, which it provided to partners that make and distribute Android devices.
“FREAK” stands for Factoring RSA-Export Keys.
WASHINGTON’S INCENTIVES: The CHIPS Act set aside US$39 billion in direct grants to persuade the world’s top semiconductor companies to make chips on US soil The US plans to award more than US$6 billion to Samsung Electronics Co, helping the chipmaker expand beyond a project in Texas it has already announced, people familiar with the matter said. The money from the 2022 CHIPS and Science Act would be one of several major awards that the US Department of Commerce is expected to announce in the coming weeks, including a grant of more than US$5 billion to Samsung’s rival, Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), people familiar with the plans said. The people spoke on condition of anonymity in advance of the official announcements. The federal funding for
HIGH DEMAND: The firm has strong capabilities of providing key components including liquid cooling technology needed for AI servers, chairman Young Liu said Hon Hai Precision Industry Co (鴻海精密) yesterday revised its revenue outlook for this year to “significant” growth from a “neutral” view forecast five months ago, due to strong demand for artificial intelligence (AI) servers from cloud service providers. Hon Hai, a major assembler of iPhones that is also known as Foxconn, expects AI server revenues to soar more than 40 percent annually this year, chairman Young Liu (劉揚偉) told investors. The robust growth would uplift revenue contribution from AI servers to 40 percent of the company’s overall server revenue this year, from 30 percent last year, Liu said. In the three-year period
LONG HAUL: Largan Energy Materials’ TNO-based lithium-ion batteries are expected to charge in five minutes and last about 20 years, far surpassing conventional technology Largan Precision Co (大立光) has formed a joint venture with the Industrial Technology Research Institute (ITRI, 工研院) to produce fast-charging, long-life lithium-ion batteries for electric vehicles, mobile electronics and electric storage units, the camera lens supplier for Apple Inc’s iPhones said yesterday. Largan Energy Materials Co (萬溢能源材料), established in January, is developing high-energy, fast-charging, long-life lithium-ion batteries using titanium niobium oxide (TNO) anodes, it said. TNO-based batteries can be fully charged in five minutes and have a lifespan of 20 years, a major advantage over the two to four hours of charging time needed for conventional graphite-anode-based batteries, Largan said in a
Taiwan is one of the first countries to benefit from the artificial intelligence (AI) boom, but because that is largely down to a single company it also represents a risk, former Google Taiwan managing director Chien Lee-feng (簡立峰) said at an AI forum in Taipei yesterday. Speaking at the forum on how generative AI can generate possibilities for all walks of life, Chien said Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) — currently among the world’s 10 most-valuable companies due to continued optimism about AI — ensures Taiwan is one of the economies to benefit most from AI. “This is because AI is