Report: 3.5 Million HTTPS Servers Vulnerable to DROWN | Software | LinuxInsider

A report released Tuesday on the DROWN vulnerability raises concerns about possible attacks that could expose encrypted communications.

DROWN, which stands for “Decrypting RSA with Obsolete and Weakened eNcryption,” is a serious vulnerability that affects HTTPS and other services using SSL version 2, according to the team of security researchers who compiled the report.

The protocols affected are some of the essential cryptographic protocols for Internet security. An attack could decrypt secure HTTPS communications, such as passwords or credit card numbers, within minutes.

via Report: 3.5 Million HTTPS Servers Vulnerable to DROWN | Software | LinuxInsider.