IT Services would like to alert the campus community of a recently announced vulnerability that affects a number of web browsers and operating systems. The “FREAK” vulnerability is one that enables SSL Man-in-the-Middle attacks by forcing browsers to downgrade the cipher suites used in SSL/TLS connections.
Microsoft, Google and Apple have announced that patches will be released to correct the vulnerability. Individuals should ensure that they are running the latest version of their browser to mitigate “FREAK”.
If you have any questions regarding this vulnerability, please contact the University’s Service Desk at ext. 8888.