There is a new security bug found by researchers that affects Safari on both iOS, OS X latest versions as of March 4th, 2015 and Android users as well. “FREAK” is a new security vulnerability which stands for “Factoring RSA Export Keys” that enables attackers to listen (spy) any communication or data transmitted through encrypted channel. Attackers can force web browsers to use weaker encryption standards on iPhone, Mac and Android devices to steal passwords, credit card information, and other personal information from users device or computer.
Apple recently made an announcement, that it will fix FREAK security exploit in a week time by releasing its next update. Both iOS and OS X will receive security updates to address this issue. As it is a web based attack, the risk level is Critical and websites like Whitehouse.gov, NSA.gov, FBI.gov, Bank Websites are vulnerable as well.
After POODLE SSL Vulnerability this is quite a series flaw that affects millions of computers and mobile devices. The sad state is, this vulnerability exists for a decade and very recently security researchers discovered the problem. There is no announcement from Google yet about fix for FREAK Vulnerability on Android mobile devices.