Researchers recently disclosed a major vulnerability in the Wi-Fi Protected Access II (WPA2) protocol that most of us use to secure out Wi-Fi networks. "The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others," the United States Computer Emergency Readiness Team (US-CERT) has revealed. Fortunately, tech companies are starting to respond to the exploit's disclosure, and Microsoft says that it has already issued a fix.
In a statement to The Verge, Microsoft says that anyone who applies the update, or has Windows Update set to apply automatic updates, should be protected. From Microsoft:
We have released a security update to address this issue. Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected.
Microsoft will publish details of the update later today, according to The Verge.
While that's good news for your Windows machine, the exploit also impacts Android, iOS, macOS, and Linux (though Linux has been patched). If you use any devices running those operating systems — and most of us do — then you'll want to make sure you're doing everything you can to protect yourself until the vulnerability is patched. For more, check out our tips on how to protect yourself from the KRACK WPA2 hack. In the meantime, if you don't have automatic updates turned on for your Windows machine, it would be wise to manually check for updates.
Updated October 16, 2017: A Microsoft spokesperson said in a statement to Windows Central that the patch was originally released as part of the company's regular Patch Tuesday updates on October 10. From Microsoft:
Microsoft released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.
- How to protect yourself from the KRACK WPA2 hack
- These are the router makers that have patched KRACK WPA2 Wi-Fi flaws