**UPDATED ON OCT. 24TH 2017**
Recently, a new security vulnerability known as “Krack Attack” was discovered that affects all modern Wi-Fi networks that use WPA2 personal encryption. Through this vulnerability, hackers may be able to read information that was previously encrypted, and could be able to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and more. Below is a breakdown of vendor responses and updates:
KRaCK Attack Vendor Updates:
Meraki – Meraki has already patched their systems.
Cisco (NEW) – All versions of the AP/WLC code have been fixed, with the exception of the latest release
8.2.164.0: Available Now
8.3.132.0: Available Now
8.5.105.0: Available Now
8.6.100.0: TBD
Additional updates from Cisco for IOS devices were releases on Oct. 22nd and Oct. 23rd.
Microsoft – Microsoft has already updated their OS.
Apple – Apple is currently testing their update in beta, and will be releasing it publicly within a few weeks.
Google – Google will be releasing a fix in the November updates (scheduled for Nov 6.). However, carriers will have to incorporate this fix in an update made available for your platform.
Aruba – Aruba has already posted a fix.
Fortinet – Fortinet is working on releasing a fix, no timeline as of yet.
Intel – Intel has released a set of updated drivers for it’s network cards.
Linux – Most main stream Linux branches have released patches for the vulnerability.
NetGear – NetGear has patched many of its products already.
D-Link (NEW) – D-Link is currently investigating the issue. They have released some patches and have issued a release schedule for others:
http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10075
This information was published on 10/24/2017 around 1:00 PM.
