According to FireEye researchers, a large number of iOS and Android apps are still vulnerable to FREAK bug vulnerability despite the patches they released.
Her report FireEye states that Android has the largest problem, since over 10% of its applications are vulnerable to attack.
The researchers scanned nearly 11.000 Android apps that have more than a million downloads each and found that over 1000 were still vulnerable because they use an open SSL library to connect to HTTPS servers.
“The 1228 apps have been downloaded over 6,3 billionmillions times. Of these 1228 Android applications, 664 use the OpenSSL library that Android typically uses, and the remaining 564 have their own OpenSSL library. All of these OpenSSL versions are vulnerable to FREAK.”
As for Apple iOS, things are certainly not much better. Over 14.000 popular iOS applications were examined, and a 5,5% of them was connected to vulnerable HTTPS servers.
You can read all of her report security company from here.
