A new blog post from security vendor FireEye says that hundreds of popular mobile apps still need to be patched to repair the FREAK vulnerability disclosed earlier this month. FREAK, which stands for Factoring Attack on RSA-EXPORT Keys, allows attackers to overcome encryption protocols. Security researchers disclosed the flaw on March 3. Apple and Google have patched iOS and Android, but many mobile development firms with finance, communication, shopping, business and medicine apps still have not addressed the problem.
FireEye says that it tested 10,985 Android apps that had been downloaded more than a million times each and found that 1,228 were still vulnerable to FREAK. It also examined 14,079 popular iOS apps and found that 771 were still vulnerable.