Microsoft Internet Explorer is contrary to initial tests but susceptible to the vulnerability freak. The name Freak stands for “Attack on RSA Factoring Export Keys” and refers to a policy of the US government, formerly the export of strong encryption technologies and forbade prescribed “weaker” export products for customers in other countries. Discovered has more than ten years old vulnerability in Paris a research team led by Karthikeyan Bhargavan, a computer scientist at the French national research institute INRIA .

According to Microsoft , all versions from Windows Server 2003, including Vista, Server 2008, 7, Server 2008 R2, 8 and 8.1, Server 2012 and 2012 R2 and Windows RT and RT 8.1. The bug is a security advisory , according to the person responsible for the encryption components Secure Channel (Schannel). An attacker could thus force a Windows client to use for encrypting a weaker RSA key with a longer of only 512 bits. This would allow him to intercept traffic and decrypt.

This can be prevented, however. As Microsoft reports that they can hedge against freak until the release of a patch, which is expected to be released soon, versions of Windows since Vista. To do this you must only use the editor gpedit change Group Policy, the order of SSL cipher suites. After the start of gpedit to navigate in computer configurations – Adminsitrative Templates – Network – SSL configuration settings. Then you open with a double click “Order of SSL cipher”. Then add in the cipher field published by Microsoft cipher added. However, this must be in one line and separated to the last with a comma.