Home > What Is > Protect Your Windows PC from Freak Hack Attack

Protect Your Windows PC from Freak Hack Attack

Windows PC hack Attack

This article is about Windows PC hack Attack. As a result of mistakes done 20 years ago man in the middle attack happens. It was considered that windows PC are immune to the man in the middle attacks but soon it happened. This happens due to SSL & TSL encryption are not only detected in Windows PC but also in Apple & android too.

Windows PC hack Attack

In this, we are going to talk only about Windows. You can read the official statement of Microsoft.

“Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows. Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system.”

Any program that uses Microsoft SSL or TLS on any version of Windows from Vista to Windows 10 is vulnerable. As according to the testing process, Windows XP & server are safe from the attack.

Also ReadUse your Smartphone as Wireless Mouse in 2017

Microsoft has announced to release the fix for the bug. There is something which you can do for your machine. You can disable the RSA key exchange ciphers which let these attacks happen. Use Group Policy Object Editor for this. This trick can work in every version of Windows except Windows Server 2003. As Windows Server 2003 do not allow the ciphers to control by individuals.

Windows PC hack Attack
Windows PC hack Attack

Man in the middle Attack Prevention

Steps to prevent your Windows PC from these Freak attacks.

  • Open Cmd & type gpedit.msc, press Enter.
  • Group Policy Object Editor will be opened.
  • Open Computer Configuration -> Administrative Templates ->Network and then click SSL Configuration Settings.
  • Go to SSL Configuration Settings > SSL Cipher Suite Order.
  • Scroll to the bottom in SSL Cipher Suite Order.
  • Read the instructions for the editing.
  • Now enter the list of ciphers given below.
  • Click OK & close the editor & restart the system.

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

After this will changes will be made, your computer won’t be connected to those systems that do not support the ciphers listed in the specified list.

This method is only a prevention from the freaking man in the middle attack. In the newer versions, this vulnerability will be fixed after the testing from Microsoft will be done.

Also ReadPrevent e-mail tracking system using these Chrome Extension

If you find the information useful, then you can comment us with your feedback. We are waiting for your responses. Like us on Facebook for more Updates like this. Thank You.

Vanshanu raj

Vanshanu Raj is Computer Science Graduate from College of Engineering Roorkee & a Diploma Holder from Government Polytechnic Dehradun. He lives in Dehradun working as a security engineer in a mid sized IT company. As he always wants to aware people with Open Source Software & thier uses.

Leave a Reply

Your email address will not be published. Required fields are marked *