Thousands of Android and iOS apps are still vulnerable to the FREAK bug

Author

Amanda Connolly

March 18, 2015

This article originally appeared on The Next Web

 According to FireEye researchers, a large number of iOS and Android apps are still vulnerable to the FREAK bug despite patches being released.

The report suggests Android has the biggest problem, with over 10 percent of apps open to attack.

The researchers scanned almost 11,000 Android apps that have more than a million downloads each and found that over 1000 of them were still vulnerable because they use an Open SSL library to connect to HTTPS servers. They wrote:

These 1228 apps have been downloaded over 6.3 billion times. Of these 1228 Android apps, 664 use Android’s bundled OpenSSL library and 564 have their own compiled OpenSSL library. All these OpenSSL versions are vulnerable to FREAK.

And when it comes to Apple’s iOS, things certainly don’t look much better. Out of over 14,000 popular iOS apps tested, 5.5 percent of them were connecting to the vulnerable HTTPS servers as well. However, this only applies to older version of the OS. Just seven of the vulnerable apps remain unfixed on iOS 8.2.

➤ FREAK Out on Mobile [FireEye]

 

This article was written by Amanda Connolly from The Next Web and was legally licensed through the NewsCred publisher network.

Great ! Thanks for your subscription !

You will soon receive the first Content Loop Newsletter