A List of Every Security Patch Available for Krack Vulnerabilities
In case you had your head under a rock last week, a vulnerability in the ubiquitous wireless security protocol WPA2 was exposed. Unlike device specific vulnerabilities found in the past, the KRACK vulnerability is likely to affect every wireless device released within the last 13 years. In total, ten CVE numbers have been preserved to describe the vulnerability and its impact, and according to the US Department of Homeland Security, the main affected vendors are Aruba, Cisco, Espressif Systems, Fortinet, the FreeBSD Project, HostAP, Intel, Juniper Networks, Microchip Technology, Red Hat, Samsung, various units of Toshiba, and Ubiquiti Networks.
Now before you start digging a hole for your iPhones in the woods, there are a number of steps you can take to protect your privacy and devices. Of these recommended security measures, updating your devices with vendor supplied patches. Take a look below to see what steps each vendor is taking to lock down their devices.
Apple – Apple has confirmed that fixes for iOS, macOS, watchOS and tvOS are currently in beta and will be rolling them out over the coming few weeks.
Aruba – Aruba has been pretty speedy with their response offering a security advisory and available patches for download for ArubaOS, Aruba Instant, Clarity Engine, and other software impacted by the bug.
AVM – Because of its ‘limited attack vector’ the company originally said it won’t be administering any security patches until absolutely necessary. The company has recently released a statement saying it will now provide updates for its wireless repeaters.
Cisco – Cisco is currently investigating which of its products are impacted by the Krack attack, but acknowledges that multiple Cisco products have been affected. Here are the current available patches.
eero – The eeroOS version 3.5 includes a patch to protect against Krack and is currently available as an in application update.
Espressif Systems – The Chinese wireless vendor has started patching its chipsets specifically ESP-IDF and ESP8266 versions, with Arduino ESP32 next on the cards for a fix.
Fortinet – It looks like FortiAP 5.6.1 is no longer vulnerable to most of the CVEs linked to the attack, but the latest branch, 5.4.3, may still be impacted. There are firmware updates to be expected.
FreeBSD Project – A patch is actively being worked on for the base system.
Google – Google says it is currently aware of the issue and will patch all affected devices in the coming weeks.
HostAP – The Linux driver provider has offered a number of patches in response to krack.
Intel – Intel has released a security advisory listing updated wireless drives and patches for affected chipsets, as well as Intel Active Management Technology.
Linux – A Linux patch is already available and Debian builds can patch now.
Netgear – Netgear has released fixes for some of its router hardware. Check out the full list here.
Toshiba – A Toshiba spokesperson has said that they’re currently investigating the effect of the WPA2 vulnerability with the intention of clarify the findings to the public once they become available.
Ubiquiti – A new firmware update protects Ubiquiti users against the attack. Check it out here.
Watch Guard – Patches for Fireware OS, WatchGuard legacy and current access points, and for WatchGuard Wi-Fi Cloud have become available.
Wi-Fi Alliance: Wi-Fi Alliance is offering a tool to detect KRACK for members and requires testing for the bug for new members.
Wi-Fi Standard: A fix is available for vendors but not directly for end users.