Please make sure all of your operating systems (mobile and desktop) and computer security software is up-to-date everyone. Microsoft has already put the patch out as of October 10; Apple will be releasing its patch within a couple of weeks according to the article.
A serious Wi-Fi vulnerability was revealed today, affecting nearly every Wi-Fi network and device using WPA or WPA2 security encryption.
Attackers can potentially gain access to encrypted information like usernames, passwords, and credit card data. Luckily, companies are already patching the flaw in order to prevent this potential hack from happening, but you’ll need to do a little work on your end and update your devices.
The US Computer Emergency Readiness Team (US-CERT) has compiled a list of manufacturers
that have been notified about the vulnerability, as well as whether or not they have provided information concerning updated devices. Be sure to check if your wireless router’s manufacturer is on the list, and update your router following their instructions.
You may remember the last time you connected your phone, laptop, or other device to a new WiFi network. When it asked you for the network password, it also said something about the security protocol, perhaps listing something like “WEP” or “WPA2,” or asking you to choose from a list of types.
The flaw has to do with the actual encrypted messages that devices send each other to authenticate when they connect. The researchers proved that someone can manipulate those connections, abuse the vulnerability, and gain access to communications that are supposed to be secure.
Because the weak point is in the actual standard, it’s not limited to a single network or device. It’s pervasive — every single device that can communicate in this way, which is basically all of them, is potentially susceptible. The list includes all Android, Apple, Linux, and Windows devices — your standard phones and laptops — as well as the routers they connect to, from companies like Linksys.
There’s nothing that individuals can do; changing your WiFi password or using a different device won’t help, since the flaw is embedded deep in the very basis of your internet connection.
