Nearphuture.Org

General WiFi vulnerability on WPA2 : KRACK [2017-10-18]


Serious weaknesses have been found in WPA2, the protocol that secure all modern WiFi networks.

An attackers can use "Key Reinstallation AttaCKs" (KRACK) to read informations that was previously assumed to be safely encrypted. This can be used to steal sensitive information seen on the WiFi network. In some case it can also be used to inject and manipulate data (to inject ransomware or malware for example).

This weaknesses are in the Wi-Fi standard itself so all products are or implementations are vulnerable (all the OS and hardware).

So please make sure to keep your system up-to-date to get the fix as soon it will arrive on your equipments and OS. (Linux debian, ubuntu, Windows, iOS, macOS have been patched  already, but not the case of lot of Android and ioT devices).

The attack take place in the client side, so they are chance that WiFi Routers don't need update. But this mean any computer, phone, ioT devices (connected cameras or toys for example) are vulnerable.

More details at : https://www.krackattacks.com/