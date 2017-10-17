The newly-reported WPA-2 Wi-Fi vulnerability known commonly as KRACK (Key Reinstallation AttaCK) diminishes the potential security of almost all password-protected Wi-Fi connections in use today. More formally known as CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, there are already many router vendors issuing firmware patches to fix this.

Client Devices Also Need to Be Updated to Protect Against KRACK

It’s important to note that client devices – that means everything from your iPhone and Macs all the way down to your Wi-Fi-connected printers and webcams – also need to be patched to fully protect against this. Based upon this hostap posting it seems routers can be set to not allow clients who retry the vulnerable key negotiation, thereby blocking this type of attack, but it may come at a cost of denying some clients entry.

Several vendors have released patches already, and we expect more to be coming. Where known, we’ll include details of how much protection is included in the patch.

List of Routers and KRACK-related Firmware Updates

Here’s what we know from consumer-focused router vendors who have either made public statements or provided information directly to us here at The Mac Observer (sorted alphabetically):

CERT is also maintaining a list, as are iMore, FixKRACK, If you have more information or questions, please post in the comments below. We’ll keep this article updated with anything that we (or you!) find.