Latest in Gear

Image credit: AOL

Microsoft already has a fix for that severe WiFi security exploit (updated)

Google has an Android patch coming within weeks.
1801 Shares
Share
Tweet
Share

Sponsored Links

AOL

The "Krack Attack" WiFi encryption security flaw is more than a little frightening, but you should already be relatively safe if you're using a recent Windows PC. Microsoft has released a patch that fixes the vulnerability on all supported versions of Windows (effectively, 8 or later). Windows isn't as susceptible to the flaw as Linux-based platforms like Android, which don't demand a unique encryption key, but this fix may have a significant impact simply through the sheer ubiquity of Windows in the computing world.

To recap: the exploit revolves around cloning a WPA2-encrypted WiFi network, impersonating its MAC address and changing the WiFi channel. Intruders can force your device to connect to this bogus network instead of the legitimate one, making it easier for them to snoop on your data traffic or perpetrate attacks that require a local network. Would-be hackers have to get within physical distance of a target network for this to succeed, but that's potentially a huge problem for public networks.

As for other platforms? Apple hasn't detailed a fix yet, but Google is promising that Android phones with a November 6th security update will be protected against Krack Attack. The Wi-Fi Alliance is also requiring that all of its partners (including Apple and others) check for the exploit and patch if necessary. The issue is already in hand, then. The main concern is whether or not updates arrive in a timely manner -- not every Android vendor delivers security updates in a timely fashion, so you may end up waiting past November 6th to lock down your device.

Update: Apple says the flaw has been fixed in the beta versions of macOS, iOS, tvOS and watchOS. Given that the finished versions of these updates are expected in October, you shouldn't have to wait too much longer if you prefer Cupertino's products.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1801 Shares
Share
Tweet
Share

Popular on Engadget

The Morning After: Nike's accessible AJI

The Morning After: Nike's accessible AJI

View
HTC's Exodus 1s can run a full Bitcoin node for under $250

HTC's Exodus 1s can run a full Bitcoin node for under $250

View
Kik Messenger will keep running under a different owner

Kik Messenger will keep running under a different owner

View
Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

View
Nike puts an accessibility twist on its iconic Air Jordan 1

Nike puts an accessibility twist on its iconic Air Jordan 1

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr