You may have heard about KRACK, a recently disclosed vulnerability in the WPA2 protocol commonly used to secure WiFi. While the vulnerability is real, there’s been some misreporting about the threat and what you should do to protect yourself. As such, we wanted to provide some quick information to put your mind at ease.
- The vulnerability allows an attacker who is nearby to see traffic on your WiFi – but that’s only a threat if that traffic is not encrypted. That means if you’re using HTTPS or a VPN, you already have an extra layer of protection.
- Microsoft patched the issue on the 10th of October, so make sure you are using a supported version of Windows (Windows 7 or newer) and have installed all the latest updates installed.
- iOS and macOS devices should be getting an update soon to resolve the issue.
- Android device updates will be handled by your phone’s manufacturer and carrier and will vary.
- The vulnerability exploits WiFi clients, not WiFi access points. Various router manufacturers have released patches to fix the protocol bug anyway, and it’s a good idea to stay up to date, but the main concern is to patch your clients
This is on the heels of a number of other recent security vulnerability disclosures (including ROCA) and data breaches. It’s clearer than ever that you should take security seriously to protect yourself and your business. To get started, visit the Readysell Security Guide at readysell.com.au/security