Time for all Windows users to FREAK out over encryption bug
The news was a turnabout from earlier in the week, when researchers initially fingered only Apple's iOS and OS X and Google's Android operating systems as those that could fall victim to cybercriminals spying on purportedly secure communications between browsers and website servers.
By adding Windows to the list, the number of jeopardized users jumped dramatically: Windows powered 92% of all personal computers last month.
In a security advisory released Thursday, Microsoft said Windows was, in fact, vulnerable to FREAK (Factoring attack on RSA-EXPORT Keys).
"Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows," Microsoft said in the advisory. "Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system."
Schannel is a set of Windows protocols that, among other things, accesses the OS's cryptographic features to encrypt traffic between browsers and website servers using SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security).
FREAK, on the other hand, is the label for the flaw that researchers from INRIA, a French research institute, and Microsoft disclosed Tuesday. The bug could allow attackers to silently force a browser-server connection to fall back to long-discarded encryption standards, those guarded by keys relatively easy to crack with off-the-shelf software and computing power purchased from cloud services like Amazon's EC2.
The most likely assault would be through a classic "man-in-the-middle" (MITM) attack, where criminals interpose themselves between users and servers on an insecure Wi-Fi network, like those at coffee shops and airports.
Microsoft listed every still-supported version of Windows as affected by the bug. Although the advisory did not promise a patch, Microsoft almost certainly will. The next regularly scheduled Patch Tuesday is next week, March 10.
In their default configurations, however, Windows-powered servers -- except for Windows Server 2003, the edition slated for retirement in July -- do not support the export-grade ciphers that are at the root of FREAK.
Because Windows harbors the bug, Microsoft's IE browser is also vulnerable to a FREAK attack. (IE relies on Windows' cryptography to implement SSL and TLS.)
Earlier this week, the FREAKattack.com browser test -- maintained by a group of computer scientists at the University of Michigan -- reported that IE was safe. That was premature. "An earlier version of our test gave incorrect results for IE; IE is indeed vulnerable," the group said on a revised FreakATTACK.com.
Computerworld confirmed that IE11, which reported itself safe on Wednesday at the test site, now reports that it is vulnerable. Earlier versions of the browser are also at risk.
One interesting point that Microsoft did not mention is that the aged Windows XP is also probably vulnerable. Because Windows Server 2003 is vulnerable, Windows XP is almost guaranteed to be as well: The former is based on XP.
But Microsoft retired the aged Windows XP from support in April 2014, and so will not offer a patch to the general public. Enterprises that have paid for port-retirement Custom Support, however, will most likely receive a fix.
XP's vulnerability, and its unpatched status, going forward are not trivial matters: According to Web analytics vendor Net Applications, 21% of all Windows PCs relied on the 13-year-old operating system last month, second only to Windows 7.
Nor will businesses running Windows XP be able to protect those machines using Microsoft's recommended temporary defense of disabling weaker ciphers with Group Policy, instructions for which were outlined in the advisory. "The cipher management architecture on Windows Server 2003 does not allow for the enabling or disabling of individual ciphers," Microsoft acknowledged.
Like Server 2003, Windows XP also lacks the capability of disabling individual ciphers. That feature was introduced in 2007's Windows Vista.