Researchers find another OpenSSL security flaw
As if Heartbleed wasn't enough of a headache for OpenSSL, security researchers have found another major flaw that lets attackers bypass the protocol's encryption without being detected. The flaw abuses the OpenSSL handshake to force the sending and receiving computers to use weak keying material, which an attacker sitting between them can then decrypt through a man-in-the-middle attack.
This newly discovered threat requires both the sending and receiving computers to use OpenSSL for their encrypted connection, which rules out most Web browsers, although some VPN clients and Android devices are susceptible. It also requires the attacker to position themselves somewhere on the network path between the computers they are targeting, unlike Heartbleed, which could be used directly against the server holding the encryption keys.
An OpenSSL security advisory stated,
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
Heartbleed gained attention after researchers revealed the flaw in April. The security hole was especially dangerous because it wasn't detectable, so no one had any way of knowing whether their servers had been targeted.
The flaw exposed random pieces of server memory, which could include the server's encryption keys. Once in the hands of attackers, those keys could be used to decrypt and read all of the data passing into and out of the servers without anyone knowing it was happening.
Because this new threat requires both the server and the user's computer to rely on OpenSSL for the encrypted connection, it is less likely to be exploited, but it is still possible.
The OpenSSL core team has already released patches to eliminate the security flaw. From the OpenSSL warning note:
- OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
- OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
- OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
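The practical follow-up to the advisory is an inventory check: which hosts are still running a release older than the fixed one for their branch. The script below is an added example, not code from the article or from the OpenSSL project. It parses the banner printed by `openssl version` and compares the patch letter against the three fixed releases listed above; OpenSSL patch letters run a to z and then za, zb, and so on, so a longer suffix is always newer. Branches not named in the advisory (for example the 1.0.2 betas) are reported as not covered rather than guessed at. The sample banners are constructed for the demonstration, not captured from real systems.

```python
import re
from typing import Optional

# Minimum fixed release per OpenSSL branch, taken from the advisory text above
# (0.9.8 -> 0.9.8za, 1.0.0 -> 1.0.0m, 1.0.1 -> 1.0.1h).
FIXED_RELEASES = {
    (0, 9, 8): "za",
    (1, 0, 0): "m",
    (1, 0, 1): "h",
}

# Matches the leading part of an `openssl version` banner such as
# "OpenSSL 1.0.1g 7 Apr 2014" or "OpenSSL 0.9.8za"; trailing text is ignored.
_VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(banner: str):
    """Parse a version banner into ((major, minor, patch), letters).

    Returns None when the banner does not look like an OpenSSL version string.
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    branch = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    return branch, m.group(4)


def _letters_key(letters: str):
    # OpenSSL patch letters run a..z, then za, zb, ...: a longer suffix is
    # always newer than a shorter one; within the same length compare
    # lexicographically.
    return (len(letters), letters)


def is_patched(banner: str) -> Optional[bool]:
    """True if the banner is at or above the fixed release for its branch,
    False if it is older, None if the branch is not covered by the advisory
    (or the banner cannot be parsed)."""
    parsed = parse_version(banner)
    if parsed is None:
        return None
    branch, letters = parsed
    fixed = FIXED_RELEASES.get(branch)
    if fixed is None:
        return None
    return _letters_key(letters) >= _letters_key(fixed)


# Constructed sample banners (not captured from real hosts), one below and one
# at the fixed release for each branch, plus a branch the advisory does not name.
SAMPLE_BANNERS = [
    "OpenSSL 1.0.1g 7 Apr 2014",
    "OpenSSL 1.0.1h 5 Jun 2014",
    "OpenSSL 0.9.8y",
    "OpenSSL 0.9.8za",
    "OpenSSL 1.0.0l",
    "OpenSSL 1.0.0m",
    "OpenSSL 1.0.2-beta1",
]


def audit(banners):
    """Map each banner to a status label for a quick inventory report."""
    labels = {
        True: "patched",
        False: "VULNERABLE - upgrade",
        None: "not covered by advisory",
    }
    return {b: labels[is_patched(b)] for b in banners}


if __name__ == "__main__":
    for banner, status in audit(SAMPLE_BANNERS).items():
        print(f"{banner:32s} {status}")
```

One caveat when using a check like this against real hosts: Linux distributions commonly backport security fixes without changing the upstream version letter, so a banner such as 1.0.1e can belong to a package that is already fixed. Treat a "VULNERABLE" result from the banner alone as a prompt to check the distribution's package changelog, not as a final verdict.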
Mac, iPhone and iPad users are likely safe from the threat, assuming they're using mainstream Web browsers like Safari and Firefox. VPN client apps, however, should be updated to their latest versions just to be safe.