Apple has patched a recently discovered security hole that has been around for more than 10 years.
Released on Monday following the company’s Apple Watch event, iOS 8.2 includes a fix that resolves the security bug known as “FREAK.” The bug could have left users of Apple’s mobile Safari and Google’s Android browsers more vulnerable to hacking, security researchers told the Washington Post last week.
The researchers found no evidence that any hackers had taken advantage of the flaw. But hackers could have intercepted even supposedly secure connections to hundreds of thousands of websites, including Whitehouse.gov, NSA.gov and FBI.gov.
The researchers blamed the hole on a former US policy that prevented US companies from exporting the strongest encryption standards available. Though the restrictions were removed in the late 1990s, the weaker standard had already been built into such software as Web browsers. iOS 8.2 fixed the problem by removing support for the weaker RSA encryption keys that had been at the heart of the problem.
Read the Full Article: Source – c|net