FREAK Vulnerability

March 11, 2015

FREAK Vulnerability

A vulnerability has been discovered in several implementations of the SSL/TLS protocols used to secure many web sites. This vulnerability, known as FREAK (Factoring RSA Export Keys), would enable a man-in-the-middle attack to force a web browser into using weaker 'export-grade' encryption to communicate with a web server. The weaker encryption could be cracked by an attacker within a few hours.

The FREAK vulnerability does not affect MobiControl directly but does affect the Microsoft Windows operating systems on which MobiControl systems are hosted.

On-premise Customers

Microsoft has issued a security update for currently supported versions of Windows, and customers should apply this update to their systems as soon as possible. See Microsoft Security Bulletin MS15-031 for more information about the update.

Cloud Customers

Cloud customers are not affected by this vulnerability.

SOTI Services

The systems that host the SOTI Services have been updated and are no longer affected by this vulnerability.