Major security flaws in technology can go untreated for years until they become a pressing problem. Since the Heartbleed bug was revealed, other software flaws have emerged, and Microsoft's latest release of patch updates seeks to tackle more than 13 vulnerabilities.
The highlight of the newest collection of fixes, according to CNet, is the Factoring attack on RSA-EXPORT Keys flaw, popularly known as FREAK. By exploiting this function, criminals can theoretically access information transmitted between different electronic devices. Reportedly, no data has been compromised because of this flaw, even though it has existed for ten years, and could have allowed an exploit during this time.
In the announcement from Microsoft, the FREAK vulnerability is given the number 3046049. The company described how this particular danger could lead to problems with Transport Layers Security (TLS), which may interfere with user security protocols.
"The vulnerability could allow a man-in-the-middle (MiTM) attacker to force the downgrading of the key length of an RSA key to EXPORT-grade length in a TLS connection," the source says. "Any Windows system using Schannel [Secure Channel] to connect to a remote TLS server with an insecure cipher suite is affected."
Apple has also addressed the FREAK flaw specifically by unveiling its own new security updates. These apply to three different versions of its OS X, and the company has also emphasized that it was only an issue for certain RSA cipher suites.
Organizations that want to undergo a legacy system modernization process have to be able to rely on the security of the solution they choose. An up-to-date web-based mainframe terminal emulation tool can be calibrated to whatever browser is most common within the company and used to spread out business functions so everyone within an enterprise can use them.