SSL Vulnerability Logjam

What does Logjam mean for your business?

Follow-up investigations into the FREAK vulnerability have led to the discovery of yet another flaw in SSL/TLS encryption: Logjam. According to the research team, which included researchers at Johns Hopkins University, the flaw has existed for almost two decades (it traces back to 1990s U.S. export restrictions on cryptography) but was only recently discovered. It weakens the encrypted connection between a user and a web or email server. About 8% of the top one million HTTPS sites were estimated to be vulnerable when the flaw was announced.

Affected browsers

  • Google Chrome
  • Mozilla Firefox
  • Internet Explorer
  • Apple Safari

How does Logjam work?

Logjam is a flaw in how TLS (the successor to SSL) negotiates a Diffie-Hellman key exchange. Servers that still support the 1990s-era "export" DHE cipher suites will sign a deliberately weakened 512-bit Diffie-Hellman group, and because the signed handshake message does not say which cipher suite it belongs to, an attacker with man-in-the-middle access can rewrite the client's handshake so that the server hands out the 512-bit group while the client believes it negotiated a normal, strong DHE connection. A 512-bit group is crackable in practice: the researchers showed that after a one-time precomputation on a commonly used 512-bit prime, individual session keys can be recovered in minutes, after which the attacker can read and modify the session. It is unknown whether malicious actors exploited the weakness before it was disclosed.
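The downgrade described above, as an added example that is not code from the original post: a constructed simulation of a TLS 1.2 DHE handshake in which the man-in-the-middle rewrites the client's cipher suite list to the export-grade DHE suite, the server obligingly signs a 512-bit group, and the client is told it got the strong suite it asked for. The two fixes are shown side by side: a server with export suites disabled fails the rewritten handshake, and a client that enforces a minimum group size rejects the 512-bit parameters. The cipher suite numbers are the real IANA values; the Diffie-Hellman moduli are constructed test integers (not real safe primes), and the 1024-bit floor is an assumption matching the post-Logjam browser fixes.

```python
"""
Constructed Logjam downgrade simulation (added example, not the original post's code).
Cipher suite numbers are real IANA values; P_512 / P_2048 are constructed test
integers, not real safe primes; MIN_DH_BITS is an assumed floor.
"""
import struct

# IANA TLS cipher suite identifiers
DHE_RSA_AES128_GCM_SHA256 = 0x009E     # strong ephemeral DH suite
DHE_RSA_AES128_CBC_SHA = 0x0033        # strong ephemeral DH suite
DHE_RSA_EXPORT_DES40_CBC_SHA = 0x0014  # 1990s export suite: 512-bit DH group
RSA_AES128_CBC_SHA = 0x002F            # static RSA, no DH group at all

EXPORT_SUITES = {DHE_RSA_EXPORT_DES40_CBC_SHA}
MIN_DH_BITS = 1024  # assumption: the minimum group size patched browsers enforce

# Constructed moduli; top bit set so bit_length() is exactly 512 / 2048.
P_512 = (1 << 511) | 0x1234567
P_2048 = (1 << 2047) | 0x89ABCDEF
G = 2


def encode_server_dh_params(p, g, ys):
    """Build TLS 1.2 ServerDHParams: dh_p, dh_g, dh_Ys each as opaque<1..2^16-1>."""
    def opaque(n):
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        return struct.pack("!H", len(raw)) + raw
    return opaque(p) + opaque(g) + opaque(ys)


def parse_server_dh_params(blob):
    """Return (p, g, Ys) from ServerDHParams bytes; raise ValueError if truncated."""
    values, off = [], 0
    for _ in range(3):
        if off + 2 > len(blob):
            raise ValueError("truncated ServerDHParams")
        (n,) = struct.unpack_from("!H", blob, off)
        off += 2
        if n == 0 or off + n > len(blob):
            raise ValueError("truncated ServerDHParams")
        values.append(int.from_bytes(blob[off:off + n], "big"))
        off += n
    return tuple(values)


def dh_group_bits(blob):
    """Size of the server's DH modulus: the value a client must check before continuing."""
    p, _, _ = parse_server_dh_params(blob)
    return p.bit_length()


def attacker_rewrite_client_hello(offered):
    """Logjam MITM step 1: replace whatever the client offered with DHE_EXPORT only."""
    del offered  # the original list is simply discarded on the wire
    return [DHE_RSA_EXPORT_DES40_CBC_SHA]


def server_respond(offered, export_enabled):
    """Simulated server: pick a suite in server-preference order, emit ServerDHParams.

    A server that still enables export suites signs a 512-bit group for them.
    The signature covers the group but not the cipher suite name, which is the
    gap Logjam exploits.
    """
    supported = [DHE_RSA_AES128_GCM_SHA256, DHE_RSA_AES128_CBC_SHA, RSA_AES128_CBC_SHA]
    if export_enabled:
        supported.append(DHE_RSA_EXPORT_DES40_CBC_SHA)
    suite = next((s for s in supported if s in offered), None)
    if suite is None:
        return None, b""  # handshake_failure: no shared cipher suite
    p = P_512 if suite in EXPORT_SUITES else P_2048
    return suite, encode_server_dh_params(p, G, pow(G, 0xDEADBEEF, p))


def run_handshake(export_enabled, client_min_bits=MIN_DH_BITS, mitm=True):
    """Return (suite the client believes it got, DH group bits seen, client accepted?)."""
    offered = [DHE_RSA_AES128_GCM_SHA256, DHE_RSA_AES128_CBC_SHA, RSA_AES128_CBC_SHA]
    on_wire = attacker_rewrite_client_hello(offered) if mitm else offered
    suite, ske = server_respond(on_wire, export_enabled)
    if suite is None:
        return None, 0, False
    # MITM step 2: rewrite ServerHello back to the strong suite the client offered.
    # The signed ServerDHParams still verify, so only a group-size check catches it.
    client_view = DHE_RSA_AES128_GCM_SHA256 if mitm else suite
    bits = dh_group_bits(ske)
    return client_view, bits, bits >= client_min_bits


if __name__ == "__main__":
    print("unpatched browser, export enabled :", run_handshake(True, client_min_bits=0))
    print("patched browser, export enabled   :", run_handshake(True))
    print("patched browser, export disabled  :", run_handshake(False))
    print("no attacker, export disabled      :", run_handshake(False, mitm=False))
```

The first run is the Logjam case: the client thinks it negotiated `DHE_RSA_AES128_GCM_SHA256` but is working with a 512-bit group. Either fix alone stops the attack, but only the server-side one (disabling export suites and using a large group) protects clients that have not been patched.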

SEE ALSO: PCI DSS 3.1: Stop Using SSL and Outdated TLS Immediately

Our recommendations

Luckily, you aren't waiting around for browser patches for this vulnerability: browser vendors have already shipped fixes. Here are our recommendations.
  • Don’t use SSL version 2.0 or 3.0; use TLS 1.1 or 1.2. (Logjam affects TLS as well, so this step alone does not close it, but it is required regardless.)
  • Don’t use export-level cipher suites. Disable all of them, including the DHE_EXPORT suites that Logjam abuses, rather than relying on the server’s preference order to keep them out of use.
  • If you haven’t upgraded your email server after FREAK, do so now.
  • If you’re an admin, change the Diffie-Hellman settings on your web and email servers: disable export cipher suites and replace the default 1024-bit or smaller Diffie-Hellman group with a freshly generated, unique 2048-bit group.
  • If you’re a casual browser, install the latest version of your browser (patched browsers refuse Diffie-Hellman groups shorter than 1024 bits)…and browse on.
SecurityMetrics vulnerability scan customers can check whether their systems are vulnerable by running a scan. If you’ve been running your regular scans and fixing vulnerabilities as they arise, your servers should already be covered.

If you have any questions, please contact SecurityMetrics support, 801.705.5700.