Details are beginning to emerge about a vulnerability in the WPA2 wireless protocol called Krack that could allow attackers to inject data in order to install malware.
Discovered by Mathy Vanhoef who has launched a website, krackattacks.com to describe the vulnerabilities in WiFi Protected Access 2, or WPA2.
WiFi product vendors will be releasing updated firmware and drivers to router firmware and wireless network card drivers. It is highly advised that you update the firmware as soon as possible.
Below updated list of firmware and driver updates that patch the Krack WPA2 WiFi vulnerability:
- Aerohive
- Actiontec
- Apple
- Aruba Networks
- Barracuda Networks
- CentOS
- Cisco Meraki
- Debian/Ubuntu
- eero
- Espressif
- Extreme Networks
- Fortinet
- HostAP
- Lede
- Linux
- LineageOS
- Netgear: WN604, WNDAP620, WAC720/WAC730, WNAP210v2, WNDAP660, WND930, WAC505 / WAC510, WAC120, WNAP320, & WNDAP350.
- OpenBSD
- Open-Mesh
- Mikrotik
- Raspberry Pi (Jessie, Stretch)
- Tanaza
- Turris Omnia
- Ubiquiti
- WatchGuard
In Progress:
- AVM
- Cisco
- D-Link
- DrayTek
- Edimax
- EnGenius
- Intel
- Netgear
- Microchip Technology
- SopHos
- Peplink
- pfSense
- Rogers (Hitron)
- Ruckus Wireless
- Synology
- Zyxel
Firmware Update 3.9.3.7537 includes security patch for the WPA2 vulnerability called #KRACK More info > https://t.co/lc9ODD5U1e
— Ubiquiti Networks (@ubnt) October 16, 2017
@ptoone Aerohive Patched KRACK on Monday when it was announced. Please add 2 your list – https://t.co/RbwZx96JT9
— hubbert (@hubbert) October 23, 2017
Tanaza released its patch against the KRACK Wi-Fi vulnerability (v2.15.2 firmware) avilable on https://t.co/dBC5BFW4Hb
— Tanaza (@TanazaCloud) October 18, 2017
Aerohive Patched KRACK the day it was released. Please add Aerohive
https://www3.aerohive.com/support/security-bulletins/Product-Security-Announcement-Aerohives-Response-to-KRACK-10162017.html
That has been added. Thanks for letting me know.