Latest in Encryption

Image credit:

Windows is vulnerable to web encryption attacks, too


Sponsored Links

Microsoft's software isn't immune to the rash of recent web encryption exploits, it seems. The company has discovered (and thankfully, patched) a Windows flaw that lets hackers use the software's Secure Channel technology, which handles SSL and TLS encryption, to compromise PCs. If you're susceptible, you only have to visit a maliciously-coded website to trigger it; after that, thieves can swipe cryptographic keys and theoretically spy on your communications. The vulnerability primarily affects servers (where a lot of encrypted traffic flows), but Microsoft warns that it also affects regular versions of Windows from Vista on up.

You probably don't have to worry about your personal systems, since you can simply grab the fix and move on. However, it's still going to be a major concern for your employer or some of the sites you visit. Many companies are cautious about installing updates to avoid infrastructure problems, but they may have to move quickly if they want to avoid the attacks that will invariably follow.

[Image credit: John MacDougall/AFP/Getty Images]

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr