Apple, Microsoft Get Their FREAK Patch On

"Both Apple and Microsoft have patched the FREAK SSL vulnerability—and Microsoft also addressed Stuxnet vulnerabilities that have gone unpatched for five years.

FREAK allows an attacker to inject code between vulnerable clients and servers, forcing both sides to use weak 512-bit encryption, which can be cracked in a matter of hours—allowing for an MITM attack. FREAK was said to affect around 36% of all sites trusted by browsers, and cloud security firm Skyhigh Networks said that 24 hours after FREAK was made public last week, there were still 766 cloud services at risk from the flaw—with the average company using 122 “potentially vulnerable” services."