Using Avast with Web Shield enabled puts you at risk of the FREAK vulnerablityThis issue appears to have been resolved as of version 2015.10.2.2214.If you have disabled your Web Shield, please follow the steps below to re-activate it.- Open the Avast user interface
- Click Turn On text
- Avast should turn green. Proceed to the next step
- Click on Settings, and select Update
- Hit Update in both the Virus Definitions and the Program sections, and click OK
- Avast may ask you to reboot once complete! Save all your tasks and reboot Windows
Note: I have still not confirmed whether the Mail Shield is vulnerable. I would like to invite an Avast representative to answer this question.What can I do now?Confirm if your browser is still vulnerable: https://freakattack.com/If it still shows a red message, confirm your Avast version is 2015.10.2.2214. If it is, run Windows Update, manually update your browsers, or try to use a known safe browser.
As stated by FreakAttack's website:
If you run a server …
You should immediately disable support for TLS export cipher suites. While you’re at it, you should also disable other cipher suites that are known to be insecure and enable forward secrecy. For instructions on how to secure popular HTTPS server software, we recommend Mozilla’s security configuration guide and their SSL configuration generator. We also recommend testing your configuration with the Qualys SSL Labs SSL Server Test tool.
If you use a browser …
Make sure you have the most recent version of your browser installed, and check for updates frequently. Updates that fix the FREAK attack should be available for all major browsers soon.
If you’re a sysadmin or developer …
Make sure any TLS libraries you use are up to date. Unpatched OpenSSL, Microsoft Schannel, and Apple SecureTransport all suffer from the vulnerability. Note that these libraries are used internally by many other programs, such as wget and curl. You also need to ensure that your software does not offer export cipher suites, even as a last resort, since they can be exploited even if the TLS library is patched. We have provided tools for software developers that may be helpful for testing.
As usual,
stay away from sites you don't know. Employ common sense when browsing the Internet. only visit known safe, secure websites, always type in the full URL of your financial institutes instead of using connecting links from other websites and employ a reputable third-party payment gateway, such as PayPal (
https://www.paypal.com/) to handle your transactions instead of posting your credit card details.
Above all else,
Keep your Avast software and Virus Definitions updated at all times!.
If you have any problems, please shoot a message below, I will try my best to respond as quickly as possible.
