Slashdot Mirror
Every Patch For 'KRACK' Wi-Fi Vulnerability Available Right Now (zdnet.com)
An anonymous reader quotes a report from ZDNet: As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2) operates. According to security researcher and academic Mathy Vanhoef, who discovered the flaw, threat actors can leverage the vulnerability to decrypt traffic, hijack connections, perform man-in-the-middle attacks, and eavesdrop on communication sent from a WPA2-enabled device. In total, ten CVE numbers have been preserved to describe the vulnerability and its impact, and according to the U.S. Department of Homeland Security (DHS), the main affected vendors are Aruba, Cisco, Espressif Systems, Fortinet, the FreeBSD Project, HostAP, Intel, Juniper Networks, Microchip Technology, Red Hat, Samsung, various units of Toshiba and Ubiquiti Networks. A list of the patches available is below. For the most up-to-date list with links to each patch/statement (if available), visit ZDNet's article.
Apple: The iPhone and iPad maker confirmed to sister-site CNET that fixes for iOS, macOS, watchOS and tvOS are in beta, and will be rolling it out in a software update in a few weeks.
Arris: a spokesperson said the company is "committed to the security of our devices and safeguarding the millions of subscribers who use them," and is "evaluating" its portfolio. The company did not say when it will release any patches.
Aruba: Aruba has been quick off the mark with a security advisory and patches available for download for ArubaOS, Aruba Instant, Clarity Engine and other software impacted by the bug.
AVM: This company may not be taking the issue seriously enough, as due to its "limited attack vector," despite being aware of the issue, will not be issuing security fixes "unless necessary."
Cisco: The company is currently investigating exactly which products are impacted by KRACK, but says that "multiple Cisco wireless products are affected by these vulnerabilities."
"Cisco is aware of the industry-wide vulnerabilities affecting Wi-Fi Protected Access protocol standards," a Cisco spokesperson told ZDNet. "When issues such as this arise, we put the security of our customers first and ensure they have the information they need to best protect their networks. Cisco PSIRT has issued a security advisory to provide relevant detail about the issue, noting which Cisco products may be affected and subsequently may require customer attention.
"Fixes are already available for select Cisco products, and we will continue publishing additional software fixes for affected products as they become available," the spokesperson said.
In other words, some patches are available, but others are pending the investigation.
Espressif Systems: The Chinese vendor has begun patching its chipsets, namely ESP-IDF and ESP8266 versions, with Arduino ESP32 next on the cards for a fix.
Fortinet: At the time of writing there was no official advisory, but based on Fortinet's support forum, it appears that FortiAP 5.6.1 is no longer vulnerable to most of the CVEs linked to the attack, but the latest branch, 5.4.3, may still be impacted. Firmware updates are expected.
FreeBSD Project: There is no official response at the time of writing.
Google: Google told sister-site CNET that the company is "aware of the issue, and we will be patching any affected devices in the coming weeks."
HostAP: The Linux driver provider has issued several patches in response to the disclosure.
Intel: Intel has released a security advisory listing updated Wi-Fi drives and patches for affected chipsets, as well as Intel Active Management Technology, which is used by system manufacturers.
Linux: As noted on Charged, a patch is a patch is already available and Debian builds can patch now, while OpenBSD was fixed back in July.
Netgear: Netgear has released fixes for some router hardware. The full list can be found here.
Microsoft: While Windows machines are generally considered safe, the Redmond giant isn't taking any chances and has released a security fix available through automatic updates.
MikroTik: The vendor has already released patches that fix the vulnerabilities.
OpenBSD: Patches are now available.
Ubiquiti Networks: A new firmware release, version 3.9.3.7537, protects users against the attack.
Wi-Fi Alliance: The group is offering a tool to detect KRACK for members and requires testing for the bug for new members.
Wi-Fi Standard: A fix is available for vendors but not directly for end users.
Apple: The iPhone and iPad maker confirmed to sister-site CNET that fixes for iOS, macOS, watchOS and tvOS are in beta, and will be rolling it out in a software update in a few weeks.
Arris: a spokesperson said the company is "committed to the security of our devices and safeguarding the millions of subscribers who use them," and is "evaluating" its portfolio. The company did not say when it will release any patches.
Aruba: Aruba has been quick off the mark with a security advisory and patches available for download for ArubaOS, Aruba Instant, Clarity Engine and other software impacted by the bug.
AVM: This company may not be taking the issue seriously enough, as due to its "limited attack vector," despite being aware of the issue, will not be issuing security fixes "unless necessary."
Cisco: The company is currently investigating exactly which products are impacted by KRACK, but says that "multiple Cisco wireless products are affected by these vulnerabilities."
"Cisco is aware of the industry-wide vulnerabilities affecting Wi-Fi Protected Access protocol standards," a Cisco spokesperson told ZDNet. "When issues such as this arise, we put the security of our customers first and ensure they have the information they need to best protect their networks. Cisco PSIRT has issued a security advisory to provide relevant detail about the issue, noting which Cisco products may be affected and subsequently may require customer attention.
"Fixes are already available for select Cisco products, and we will continue publishing additional software fixes for affected products as they become available," the spokesperson said.
In other words, some patches are available, but others are pending the investigation.
Espressif Systems: The Chinese vendor has begun patching its chipsets, namely ESP-IDF and ESP8266 versions, with Arduino ESP32 next on the cards for a fix.
Fortinet: At the time of writing there was no official advisory, but based on Fortinet's support forum, it appears that FortiAP 5.6.1 is no longer vulnerable to most of the CVEs linked to the attack, but the latest branch, 5.4.3, may still be impacted. Firmware updates are expected.
FreeBSD Project: There is no official response at the time of writing.
Google: Google told sister-site CNET that the company is "aware of the issue, and we will be patching any affected devices in the coming weeks."
HostAP: The Linux driver provider has issued several patches in response to the disclosure.
Intel: Intel has released a security advisory listing updated Wi-Fi drives and patches for affected chipsets, as well as Intel Active Management Technology, which is used by system manufacturers.
Linux: As noted on Charged, a patch is a patch is already available and Debian builds can patch now, while OpenBSD was fixed back in July.
Netgear: Netgear has released fixes for some router hardware. The full list can be found here.
Microsoft: While Windows machines are generally considered safe, the Redmond giant isn't taking any chances and has released a security fix available through automatic updates.
MikroTik: The vendor has already released patches that fix the vulnerabilities.
OpenBSD: Patches are now available.
Ubiquiti Networks: A new firmware release, version 3.9.3.7537, protects users against the attack.
Wi-Fi Alliance: The group is offering a tool to detect KRACK for members and requires testing for the bug for new members.
Wi-Fi Standard: A fix is available for vendors but not directly for end users.
I just updated the WiFi exploit and Adobe flash for it. They have my back covered.
here.
I love how the section on Linux patch availability talks about one of the BSDs. Always good to hear about your mission critical patches from people who don't know the difference.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Just to be clear, you probably only need to patch the client devices, not the wireless access points. In particular, https://www.krackattacks.com says the following:
So when is Apple going to patch their router hardware?
Tim Cook may have forgotten that Apple sells wifi APs, but I haven't.
Yup, what about them?
Well, in a reasonably quality article (on windows central), linked from the Crappy article linked on the front page of Slashdot (as ussual), they had the info for DD-WRT and LEDE (OpenWRT). It turns out that the Source has been modified already, but no firmware images produced yet.
Now, is just wait and see.
Here is the more decent article:
https://www.windowscentral.com...
*** Suerte a todos y Feliz dia!
One information I did not find is the status when the WPA supplicant is vulnerable and the AP is fixed. Is attack possible in that setup?
Also, WPA enterprise often use EAP/TTLS for authentication. KRACK seems unable to compromise what happens inside the TLS tunnel. Is that the case?
See subject: I don't USE that shit here @ home - wireless is for those who are NOT security-conscious or just ignorant of its track-record (like encryption is) - sooner or later, it's permeable, period.
* Am I bullshitting anyone here?
APK
P.S.=> I trust CABLES (shielded if/when possible) over 'wireless' by far (besides, copper's a FAR better conduit for signal than aerial beaming (wireless drops packets like mad vs. hardwired)- especially on TCP/IP protocols (TCP part demands 2-way handshakes, UDP doesn't) & TCP is in use - think about all this & decide for yourself (I did - & I don't need laptops/tablets etc. in every room so why use something KNOWN to be 'shaky' & on BOTH security + reliability of signal concerns for? So it made no sense to me @ all using it)... apk
due to manufacturers and vendors choosing NOT to fix this for whatever reason (they simply don't care, not cost effective, not enough users to justify the effort, product no longer sold, product too old, product is EOL, etc, etc)....
vista and older are fucked, routers and access points older than about 3 years are fucked, wireless gear from lesser known companies are fucked, tablets from major vendors more than 3 years old are fucked, tablets from unknown vendors are fucked, phones that aren't current models are fucked.. there's a lot of gear that is going to be junk.. a LOT.
Stop naming exploits! KRACK is idiotic. I wish heartbleed and shellshock had not been as nameable and chic.
OMG facts!
I just switched to WEP, as it's not impacted. Much safer.
On the krack attacks site, teh question is asked: "Do we now need WPA3?", and answered: "No". Yet the last sentence in that paragraph is: "Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks"! So my question is, how do we block unpatched clients from our wireless networks? It seems as if I was a bad guy, I would keep an unpatched device handy to do bad deeds and there's nothing anyone can do to stop me?
Do I need to patch my Windows PC, my router, both, or exactly one of the two but it's not important which.
Hate to disappoint you with facts, but lóngdông dàdáo means "East Dragon Highway". Lóng is "dragon", and dông is "East".
I heard a rumour recently to the effect that this is the 21st Century.
So why does Slashdot and Slashdot alone, of all the sites I visit, require me to use Pinyin instead of Hanzi? Even Ars Fucking Technica isn't afraid of legitimate uses for Unicode, but Slashdot...?
Il n'y a pas de Planet B.
You must be new here.
CLI paste? paste.pr0.tips!
We're not allowed to use Chinese here because they fear us plotting against the corrupt dictatorship of the modmins in a language they bù huì kàn dông.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
Microsoft: While Windows machines are generally considered safe, the Redmond giant isn't taking any chances and has released a security fix available through automatic updates.
+5 Funny !
From the article:
Linux: As noted on Charged, a patch is a patch is already available and Debian builds can patch now, while OpenBSD was fixed back in July.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
With Windows 10 and other OSs saving WiFi passwords to the cloud and sharing with who knows, WiFi security has taken a dump anyway.
Is there any way from the WiFi router to tell these OS incarnations "No, you do NOT have permissions to save these passwords!"?
Use a weak transmitter at various points at your home. Like the old blue tooth. End of problem.
"While Windows machines are generally considered safe..."
I've never read those words in almost 20 years of coming here.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
Already published: https://www.freebsd.org/securi...
-- mg