Wi-Fi Security Compromise:

Posted on October 16, 2017 by Eric Harless

Researchers have detected a vulnerability through which Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key re-use, resulting in key re-installation by a wireless access point (AP) or client.

An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames.

Since WPA2 is a protocol that secures all modern protected Wi-Fi networks, laptops, desktops, phones, and other devices that support Wi-Fi are likely affected. Major developers, including Microsoft® and Google®, have stated they will be releasing patches soon.

Actions to Take:

The number and type of devices connecting via Wi-Fi continues to grow. Understand what devices are present in your network, and be prepared to patch them as fixes become available. As a best practice, it is critical you have a proactive patching program in place.

Resources:

U.S. Cert: http://bit.ly/2igttsr

U.S. Cert Vendor Info: http://bit.ly/2wZnbQ9

Wi-Fi Alliance Security Page: http://bit.ly/2zsvZzF

KRACK Attacks Research Page: https://www.krackattacks.com/

About Eric Harless

Eric is Head Backup Nerd at SolarWinds
This entry was posted in Cove Data Protection, Cove Data Protection service updates, Mail Assure, MSP Service Desk, Risk Intelligence, Security Notices. Bookmark the permalink.