Apple secures Safari against FREAK attacks<article>
<section class="page">
<p>
Apple on Monday patched the FREAK flaw in both OS X and iOS, issuing updates for both operating systems to protect users of its Safari browser.</p><p>
In a pair of accompanying advisories, Apple noted the FREAK fix as one of several in
iOS 8.2 and OS X Yosemite, Mavericks and Mountain Lion. The OS X update was labeled
2015-002 to identify it as a multi-edition fix.</p><p>
“Secure Transport accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites,” Apple stated in both advisories. “This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys.”</p><p class="jumpTag"><a href="/article/2894127/apple-secures-safari-against-freak-attacks.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
Apple secures Safari against FREAK attacks
