Windows XP here. My IE is VULNERABLE, my Google Chrome is not. Thanks, Roly!
My Chrome passed the test, as is, no patching necessary...
edit -- Firefox, Pale Moon and Sea Monkey also passed, IE..not so much
My Android phone showed vulnerable. I use the default Android browser, not sure if it can be patched as I've never seen an update for it. I'll search for what I can do, but if someone already knows I'd appreciate it!
Thanks, I have Chrome so just need to update it. I have it, but I don't like it If i browse with my default Android browser but do online orders from Chrome I should be safe from the freak attack right?If you can install the latest version of Chrome, you should be OK.
Bear in mind, this affects ANY https connection. Whether it be with your email account, shopping cart, etc. Any secure communication using https is affected by this bug.
It's unknown whether Google will address the default browser issue on Android. And if your phone is locked into a provider, you're also at their mercy as to when they'll push a patch. If Chrome isn't to your liking, I do believe FireFox makes a "droid" version as well.
Thanks for the heads up!
FF36.01 here on Win 7.1 - and came in vulnerable! Reading the freakcheck site, disabled Avast webshield and passed.
Looked into the latest program (not definition) version update of Avast, and was due for an update. Updated Avast to latest program version and all's good with it's web shield running.
While they state Firefox is not vulnerable, it pays to check. Your AV program may "intercept" the https calls, and if it's vulnerable an impervious browser won't help!
A security warning for ecommerce purchases has been published Friday March 7th.
Some browsers have an HTTPS encryption vulnerability that can lead to your data being stolen by the web traffic being intercepted and the code easily cracked.
Check to see if your browser passes the exploit test below.
More info - see:
BBC News - Millions at risk from 'Freak' encryption bug
Browser / OS details:
https://freakattack.com
Exploit test:
https://cve.freakattack.com
If the page loads correctly then your browser / OS has an exploit. Reports are it says 'Vulnerable'.
If the page does not load you're OK.
It affects communications made on HTTPS - this usually means purchases via ecommerce. There is no issue with regular traffic. It just means encrypted traffic isn't properly protected. In theory this means card details could be stolen by intercepting the traffic between your device and the server.
Firefox can fail
Looks as if Firefox can fail in cases where an antivirus has a proxy that is vulnerable. Avast Web Shield is reported to cause a fail. If you have Firefox but get a fail - the page loads and says VULNERABLE - then maybe you have a faulty a/v. No doubt it will be patched soon. With Avast, open it then turn off the Web Shield.