FREAK: Patch from Microsof

Microsoft patches FREAK for Windows, IE, Office

The FREAK flaw itself resides in the SSL protocol, so Microsoft has fixed with this patch (MS15-031) its own implementation of the protocol, which is used in all its proprietary software (workstation, server, IE Office).

The release contains fixes for 14 new bulletins in total, five of which are rated as Critical, nine as Important.

The bulletins address vulnerabilities residing in both the consumer and server editions of Microsoft Windows, Internet Explorer, Office, SharePoint Server, and Exchange Server. Most of them may disclose information, bypass security features or would allow an attacker to elevate privileges.

What should you do?

Once your Windows computer signals the availability of the updates don’t wait too long to apply it and reboot your system.

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.