Tanzania Computer Emergency Response Team
FREAK (Factoring Attack on RSA-EXPORT Keys) SSL/TLS Vulnerability has been discovered, a weakness in some implementations of SSL/TLS. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force the two to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.
Microsoft has released a Security Advisory that includes a workaround for supported Windows systems.
Users and administrators are encouraged to review the Security advisory released by Microsoft; Vulnerability Note VU#243585 and apply the necessary mitigations.
For more information please visit: Microsoft Security Advisory and VU#243585