Microsoft Corporation Information for VU#243585

SSL/TLS implementations accept export-grade RSA keys (FREAK attack)

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

SChannel is vulnerable. Internet Explorer is also vulnerable.

A patch has been released. Please see the Microsoft Security Bulletin below.

Vendor References

https://technet.microsoft.com/library/security/MS15-031
https://technet.microsoft.com/library/security/3046015.aspx

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.