A major new vulnerability in the Wi-Fi Protected Access II (WPA2) protocol was recently disclosed by researchers, potentially impacting all Wi-Fi connected devices. Microsoft already revealed that it has patched the issue, but now it has provided a bit more context.
In a statement to Windows Central, a Microsoft spokesperson said the company released the security fix on October 10 as part of its regular Patch Tuesday updates. From Microsoft:
Microsoft released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.
That's good news for Windows machines, but the exploit is wide-ranging and impacts Android, iOS, macOS and Linux devices as well (though Linux has been patched). If you're using any other devices, you'll want to make sure you're doing everything you can to mitigate the impact until all of your devices are patched. If you have automatic updates enabled on your Windows machines, you should be covered. If you haven't yet installed the latest round of security updates, you'll want to manually check via Windows Update now.
- How to protect yourself from the KRACK WPA2 hack
- These are the router makers that have patched KRACK WPA2 Wi-Fi flaws