Microsoft: Internet Explorer, Windows vulnerable to FREAK attack
You are here
At Makerere we are still running old machines that have windows XP and it's supported end on April 8 2014, This information comes to enlighten us more. It will let you know what browsers to use.
Earlier this week, we covered the new FREAK attack (Factoring RSA Export Keys) that exploits decades-old security flaws to cripple security settings on modern browsers. At the time, it was believed Windows wasn’t affected. Microsoft has now released a statement that this isn’t true, and is advising users to apply a workaround until a patch can be provided. Affected operating systems include Windows Server 2003, Vista (all flavors), Server 2008, and all consumer versions of Windows, including Windows RT.
It appears that some Windows browsers are vulnerable while others aren’t — Internet Explorer 11, even when fully patched, still shows as vulnerable to the attack, while Firefox and Chrome don’t. The Microsoft workaround is shown below, but you’d best be comfortable with rooting around in the Group Policy Object Editor.