Today, a severe vulnerability affecting nearly all Wireless WPA2 devices has been reported. The exploit makes it possible for hackers to intercept your internet communications however the problem is patchable and device updates will be distributed over the coming days and weeks.
Today a severe vulnerability affecting all Wireless WPA2 devices has been widely reported. Hackers that are within close physical proximity to your WPA2 wireless network can use the exploit to intercept your internet communications.
The issue has been considered an implementation problem rather than a protocol vulnerability. This means the problem can be patched and we wont have to scrap WPA2 for Wireless just yet.
Should you worry? Well, we’re probably ok… for now. The code that uses the exploit has not been published however hackers around the world will be working quickly to develop their own code.
Patches for your devices will follow in the upcoming days/weeks and you should definitely install these updates on your phone/laptop/computer/router etc as they are made available.
For the technically inclined, we recommend reading this Aruba announcement which provides a reasonably detailed FAQ on this issue.
It’s important to note that this vulnerability exploits the implementation of the WPA2 protocol and that the weakness is not with the protocol itself. This is why the risk for some vendors (Linux, Android) is higher than it is for others (Windows, Mac etc) – each vendor has implemented WPA2 slightly differently.
For everyone else – just make sure you are updating your devices as new patches are made available.
If you’d like to ensure you are protected sooner rather than later, there are some measures you can take to reduce your risk:
- Install HTTPS Everywhere on your Wireless device browsers
- Only use HTTPS sites on your Wireless device browsers
- Use a VPN when using WiFi
- Replace your device if it doesn’t currently receive updates (ie iPhone 4s and older, Samsung S4 and older at time of writing). You’ve been looking for an excuse, now you have one!
If you need help getting patches for your SMB devices installed, or if you have any questions, please call us on 02 8502 8954, pm us on Facebook or contact us using our contact form.