Browser makers, however, didn't remove the ability for their software to use those weaker keys even following FREAK, Green said.
About 1 percent of websites still can use 512-bit keys, and the browser makers didn't want to break them. This time around, however, it appears they're ready to make that move.
Email servers, however, could be problematic, as many weren't upgraded after FREAK.
"The big problem is that software people use to run email servers is not as well maintained," Green said. "They don't think about them. They just set them up and forget them. A lot of the default configurations that are shipped with them are bad ones."
Sign up for CIO Asia eNewsletters.