Microsoft Has Already Fixed the “Fatal” WiFi Exploit And So Have Many Others [Updated List]

Author Photo
Oct 16, 2017
161Shares
Submit

The latest “devastating” story in the cybersecurity world came thanks to KRACK, making everyone’s Monday a little blue-r. The Wi-Fi exploit that has been called everything from fatal to catastrophic likely affects all Wi-Fi supporting devices. However, there is some light in all this gloom.

How to keep yourself safe from WPA2 KRACK exploit

As reported in our original post on security researcher Mathy Vanhoef’s report, the WPA2 exploit affects the handshake process of the security protocol. Not sure what you can do to protect yourself? It’s not that difficult (unless you own an IoT device). Here are some tips to help you protect yourself on the faulty Wi-Fi networks.

us-politics-securityRelatedOnce Net Neutrality Is Gone, Local Laws Won’t Be Able to Protect You from ISPs’ Claws – FCC Makes Sure of That
  • Try to stick to websites offering https since data transmitted through https is mostly secure.
  • Avoid public Wi-Fi networks; if you have to use them, do that through a VPN service.
  • You can also opt to use VPN while at home, as well, since data gets another layer of protection through these services – if legitimate.
  • If possible, use an Ethernet cable for internet connectivity since the exploit affects 802.11 traffic between a router and a device.
  • Contact your vendor to make sure your network is being protected with the flaw being patched.
  • Nope, no password change is required – for a change.

Remember, Vanhoef’s research was kept a closely guarded secret to give vendors and companies enough time to work on a patch. At the time of speaking, several have already released a patch to fix this damning flaw. While Google and Apple are yet to bring a patch, Microsoft in a statement wrote that it has already released a security update to address the issue.

“Customers who apply the update, or have automatic updates enabled, will be protected,” the company spokesperson said. “We continue to encourage customers to turn on automatic updates to help ensure they are protected.”

Who has patched up KRACK so far (status)

CERT said that Arista Networks Inc,  Lenovo and Vmware are not affected to KRACK.

We are trying to keep this list updated as more information is made available. If your device is vulnerable to this attack, don’t worry, install the patches and stick to https websites for secure transmission of data.

fcc-ajit-paiRelatedAnd It Begins! FCC Announces Plan to Overturn Net Neutrality Rules Opening Doors to “Fast Lanes”

* shows newly updated information

Submit