KRACK vulnerability patched by Microsoft, Apple, Netgear, Cisco and others
The WPA2 security flaw that affects nearly all Wi-Fi devices in the world has been patched by Microsoft, Apple, Cisco, Netgear and others, while Google is still working on a fix. Meanwhile, vendors are finding it difficult to roll out patches for vulnerable computers, phones and routers.
A security flaw in the Wi-Fi Protected Access II (WPA2) protocol has had the entire world on edge for two days. Almost everyone who uses a Wi-Fi device is vulnerable to data breaches and privacy hacks, the US Computer Emergency Readiness Team warned on Sunday.
The WPA2 standard, created by the Wi-Fi Alliance, was found to have several key management vulnerabilities in the four-way handshake. The Wi-Fi exploit is known as "KRACK", short for Key Reinstallation Attacks.
“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites,” warned Mathy Vanhoef, the security researcher who discovered the flaw.
This huge security vulnerability could possibly affect the 15 billion-plus Wi-Fi devices around the world! However, there is some good news for Microsoft and Apple users.
Microsoft says that it had already patched Windows systems on October 10. “Customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates,” the company said in a statement released to the media.
Apple, too, responded to the KRACK security threat, and sources confirmed to Apple Insider that the company has patched the attack vector in the current beta versions of iOS, tvOS, watchOS and macOS.
The threat of the KRACK attack was kept a secret from the entire world to help vendors come up with security patches. However, not many have managed to do so just yet. The list of affected devices is very long and includes names like Google, Cisco, Samsung Mobile, Amazon, Netgear, MediaTek and so on.
Google has said that it is working on a patch for the WPA2 vulnerability and will begin rolling out the same to Pixel devices starting November 6. Google is in quite a spot as far as the security flaw is concerned. An estimated 41 percent of Android devices are in danger of getting affected by some form of the KRACK attack. It may take several weeks for non-Pixel devices to be patched.
Sadly, the WPA2 flaw is not an easy one to fix. The KRACK attack targets how WPA2 reinstalls private keys, and can be executed in several ways, making it difficult for vendors to come up with one patch that would protect against all possible kinds of attacks.
Meanwhile, the Wi-Fi Alliance has issued a security update stating that the issue can be resolved “through straightforward software updates.” The statement continues, “There is no evidence that the vulnerability has been exploited maliciously, and Wi-Fi Alliance has taken immediate steps to ensure users can continue to count on Wi-Fi to deliver strong security protections. Wi-Fi Alliance now requires testing for this vulnerability within our global certification lab network and has provided a vulnerability detection tool for use by any Wi-Fi Alliance member.”
The Alliance further thanked Mathy Vanhoef and Frank Piessens of the imec-DistriNet research group of KU Leuven for discovering and responsibly reporting the issue, “allowing industry to proactively prepare updates.”
Where are the updates, though? Even if Microsoft and Apple patch the vulnerability, there are thousands of other companies making Wi-Fi-ready products that are still struggling to patch the WPA2 flaw.
Cisco says the company is investigating which products are impacted. "Cisco is aware of the industry-wide vulnerabilities affecting Wi-Fi Protected Access protocol standards," a Cisco spokesperson told ZDNet. Cisco has made some patches available; however, it is still looking to patch all products.
Intel has also listed patches for chipsets and Wi-Fi drivers in a security advisory.
Netgear has also listed patches for certain routers, including WAC120, WAC505/WAC510, WAC720/730, WN604, WNAP210v2, WNAP320, WNDAP350, WNDAP620, WNDAP660, WND930.