‘KRACK’ Wi-Fi Vulnerabilities Already Patched in iOS, macOS, watchOS, and tvOS Betas

Posted in Apple TV, Apple Watch, iOS, macOS on 17/10/2017 by Chris Hauk

0

Apple says it has already patched the “KRACK” security vulnerabilities in the WPA2 Wi-Fi standard in beta versions of its iOS, macOS, tvOS and watchOS operating systems.

'KRACK' Wi-Fi Vulnerabilities Already Patched in iOS, macOS, watchOS, and tvOS Betas

iMore‘s Rene Ritchie says Apple told him the exploits have been addressed, in the current betas now available to developers, which will roll out to consumers in the near future.

Security researcher Mathy Vanhoef cracked WPA2, the encryption standard used to secure most modern Wi-Fi networks. This exploit would allow an attacker to read all information passing over a wireless network secured by WPA2.

As a proof-of-concept, Vanhoef’s team executed a key reinstallation attack against an Android smartphone. In the demonstration, the attacker was able to decrypt all data that the victim transmits.

The attacks only decrypt data encrypted by the Wi-Fi connection, but can’t touch data encrypted by a secure website encrypted using the HTTPS protocol. However, improperly configured sites can be exploited to get drop the HTTPS connection. So, this isn’t completely secure either.

While we’re waiting for the updates of iOS, macOS, tvOS, and watchOS to be released to the public, users are advised to avoid public Wi-Fi hotspots, use Ethernet for your ethernet-equipped Apple devices, and use a VPN when possible.


Author

Chris Hauk

MacTrast Senior Editor, and self-described "magnificent bastard," Chris Hauk owns Phoenix Rising Services and writes for everyone's favorite "bad movie" website, Big Bad Drive-In.

His first Apple product was an iPod Classic 9 years ago, and he has since added a MacBook Pro, a number of iPads, iPhones, and multiple Apple TVs to his collection.

He lives somewhere in the deep Southern part of America. Yes, he has to pump in both sunshine and the Internet.