KRACK - Key Reinstallation Attack
Monday, Oct 16, 2017 | Jeff Corrington
Today (Oct 16, 2017) a new weakness in the WPA2 protocal was announced. The weakness nicknamed "KRACK", which stands for Key Reinstallation Attack, was discovered and publicly announced by Mathy Vanhoef.
This security weakness can be used to steal information such as credit card numbers, passwords, chat messages, emails, photos and more. Shockingly, the attack works against all modern protected Wi-Fi networks.
A website has been created to announce the details, and alot more information on this discovery. That website can be found at https://krackattacks.com and was written by Mathy Vanhoef himself.
The good news is several vendors already released updates to patch this vulnerability. Microsoft has already released a security fix via the October 10, 2017 rollup update. A list of Microsoft KB articles which patches the weakness can be viewed at Microsoft's website here.
If you're a service provider customer of PC Guy you will be already protected. PC Guy will be reaching out to the rest of our customers to coordinate a plan to get you up to date with the Microsoft patch.
If you have any questions please feel free to reach out to your technician or myself, our information can be found here!