Microsoft Patches FREAK, Stuxnet Flaws

Microsoft has released its March Patch Tuesday fixes. Among the 14 patches is one that addresses the "FREAK" security vulnerability, a decade-old encryption flaw that has been found recently. The bulletin (MS15-031) is rated "important," Microsoft's second highest ranking security ranking and comes just a week after Microsoft admitted that the encryption protocols used in all supported version of Windows were also vulnerable to the flaw.

"This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed FREAK technique, an industry-wide issue that is not specific to Windows operating systems," Redmond said in the bulletin. "The security update addresses the vulnerability by correcting the cipher suite enforcement policies that are used when server keys are exchanged between servers and client systems."

The updates also include a fix for another old and well-known bug called Stuxnet. Although other fixes for the problem have been in the wild for years, they obviously didn't work as intended.

Another five 'critical' updates fix flaws in Internet Explorer, Windows, Windows VBScript Scripting Engine, Windows Adobe Font Driver and Microsoft Server in Office.

Read more -here-

• Comcast rolls out 'Now' prepaid phone and internet plans
• Logitech adds ChatGPT button to hardware
• Boston Dynamics retires its hydraulic humanoid robot Atlas
• Microsoft starts testing ads in the Windows 11 Start menu
• Apple warns of iPhone 'mercenary spyware attack' across 92 countries
• Broadband 'nutrition labels' kick in, revealing hidden fees for ISPs