Yesterday some worrying news hit the web, with a new exploit known as KRACK becoming public knowledge. This exploit allows attackers to read WiFi traffic between devices and wireless access points, the issue also works against common WiFi encryption methods, including WPA and WPA 2. Android and Linux devices were the most widely affected, but tech companies are already on the ball with fixes.
KRACK allows attackers to intercept traffic and read information that should have been encrypted. This can all be done without cracking a WiFi password too, meaning it could be used to intercept communications and personal information as long as the attacker is within range. Researchers found that 41 percent of Android devices were vulnerable to this attack, but Linux, macOS, Windows and iOS were also vulnerable.
Microsoft has already fixed the problem for customers running supported versions of Windows. If you are on an old version of the OS like XP, then you likely don’t have the security update. Meanwhile, a spokesperson for the Wi-Fi Alliance, also issued a statement, saying that this vulnerability “can be resolved through straightforward software updates”, adding that the WiFi industry has already begun rolling out patches.
Apple has said that it has developed an update for both iOS and macOS to protect against this vulnerability. It is currently in testing and should be released soon. Meanwhile, Google has said that it would release a patch for Android, but smartphone manufacturers will have a shared responsibility in this as they often provide their own security updates.
KitGuru Says: Most companies appear to be on the ball when it comes to addressing this. Given the seriousness of this exploit, be sure to check for security updates on your routers, PCs and smartphones to ensure you are fully protected.