The vast majority of computer users are vulnerable to an online security hole known as “FREAK,” it was revealed Thursday.
The recently uncovered encryption flaw was first thought only to affect users of Apple and Google devices, but Microsoft said that Windows users are also vulnerable.
{mosads}“Upon completion of this investigation, Microsoft will take the appropriate action to help protect customers,” the company said in a security advisory posted online.
“This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.”
The disclosure is significant because Windows runs on the vast majority of personal computers worldwide.
The “FREAK” flaw leaves Internet surfers vulnerable to hacking when they visit a wide variety of government and social media websites.
Security researchers discovered the problem when they realized they could force websites to use weakened encryption, then easily breach those defenses.
Experts trace the flaw to a decades-old decision by the U.S. government to export weak encryption standards, which resulted in poorer quality security in software around the world.