Key Reinstallation AttaCK (KRACK) - WPA2 Vulnerability
- Solution ID: 1118590
- Last Updated: Oct. 23, 2017 9:15 PM (PST)
- Applies to: Antivirus for Mac - 2018;Antivirus+ Security - 2018;Home Network Security - All;Internet Security - 2018;Maximum Security - 2018;Mobile Security for Android - All;Mobile Security for iOS - All;Password Manager - All;Premium Security - 2018;
- Key Reinstallation AttaCK (KRACK) - WPA2 Vulnerability | Trend Micro
Trend Micro is aware of and has been closely monitoring the latest Vulnerabilities in WPA2 which reportedly exposes Wi-Fi-enabled devices to Eavesdropping.
A serious flaw in the Wi-Fi Protected Access 2 (WPA2) protocol has recently been discovered. This flaw, called Key Reinstallation Attacks (or KRACK), reportedly allows attackers within range of vulnerable Wi-Fi enabled devices or access points to intercept passwords, messages, and other data.
To work, the KRACK Wi-Fi hack takes advantage of a vulnerable router and connected device. For example, even patched Apple iPhones, iPads or Macs may still be at risk when connected to a vulnerable AirPort router. Almost all modern Wi-Fi routers are currently susceptible to KRACK.
Trend Micro recommends the following best practices to strengthen router and Wi-Fi security:
- Update Wi-Fi-enabled devices, routers, or the firmware of other hardware whenever possible. Alternatively, switch to Ethernet/wired connections until the vulnerabilities are patched.
- Use a Virtual Private Network, especially when remotely accessing corporate assets.
- Regularly update the Wi-Fi router’s credentials to reduce the risk of attack.
- Configure the service set identifier (SSID) in a way to lower the chance that strangers can discover the Wi-Fi connection/network.