In a bulletin summary published yesterday, Microsoft detailed 14 new security patches, including five rated as ‘critical’ and nine as ‘important’, with the latter including the decade-old Freak flaw that affects all supported versions of Windows as well as Apple's Safari and Google's Android browsers. All but two of Microsoft's updates are for Windows.
"This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed Freak technique, an industry-wide issue that is not specific to Windows operating systems," said the firm in the bulletin on the Freak patch. "The security update addresses the vulnerability by correcting the cipher suite enforcement policies that are used when server keys are exchanged between servers and client systems."
The Freak flaw – officially known as Factoring RSA Export Keys or CVE-2015-0204 – was discovered by ‘SmackTLS’ researchers last week, and they revealed that they could force websites – via a man-in-the-middle attack – into using weaker ‘export’ 512-bit cipher encryption, before then cracking the encryption and stealing data such as passwords.
The researchers added there was no evidence of in-the-wild exploitation attacks. The vulnerability itself has been blamed on a former US policy banning US companies from exporting the strongest encryption standards in the 1990s, which some have said might have benefited the NSA for backdooring products and services.
This patch comes only one day after Apple released iOS 8.2, which addresses the flaw on mobile devices. Google, meanwhile, has already developed a fix and is working to roll it out with device makers and wireless carriers.
“The news here is that Microsoft Schannel - the Windows analog of OpenSSL - is also susceptible to cipher downgrade attacks by active attackers,” said Tod Beardsley, engineering manager at Rapid7. “This isn't particularly surprising, given Microsoft's traditional role as a software vendor to government institutions the world over; it would be strange if Windows did not ship with the weakened, export-grade ciphers that enable the attack in the first place.
“While Freak is absolutely a real bug, and the techniques used by INRIA and company are excellent examples of cryptography research, the practical effects of the bug are still quite limited. Some analyses characterise the attacker as an "eavesdropper," but that implies a passive stance. The attacker must be actively interfering with a specific TLS connection to trigger the vulnerability, so a fair amount of prep work to get in that position is a prerequisite.
“Because of the active man-in-the-middle requirement, this bug can be pretty useful for spies who are targeting specific users in otherwise high-security network environments. It's not very useful for typical internet criminals, since there are much easier methods to redirect and gather user traffic at varying levels of sophistication.”
Beardsley added: “More generally, Freak shows us the danger of purposely backdooring cryptography. This bug is a side effect of some bad policy decisions made decades ago, and it should serve as a cautionary tale against purposely weakening encryption standards. Regardless of how tempting a "golden key" for decryption may seem, it's practically impossible to actually implement one without introducing widespread, unpredictable vulnerabilities.”
Another significant patch was one to address the Stuxnet worm, which infected Windows systems to damage Iranian nuclear centrifuges back in 2010. The worm, thought to have been developed by the US and Israel, gave a backdoor to allow outsiders to knock the nuclear facility offline, and was first thought to have been patched in October 2010.
However, security researcher Michael Heerklotz detailed, via HP's Zero Day Initiative, that the underlying vulnerability has remained exploitable for remote code execution. The flaw has been given a new zero-day identifier, CVE-2015-0096 (the previous identifier was CVE-2010-2568).
The bulletin addresses two remote code execution vulnerabilities: one in how Windows handles the loading of DLL files, and the other in how Windows Text Services improperly handles objects in memory.
“The patch failed. And for more than four years, all Windows systems have been vulnerable to exactly the same attack that Stuxnet used for initial deployment,” wrote HP security researcher Dave Weinstein.
Other patches include fixes for Adobe Font Driver, Internet Explorer and a critical remote code execution attack on Microsoft Office. Most of the minor flaws relate to memory corruption issues.