Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Every Wi-Fi network at risk of 'Krack' hacking attack

  • Please log in to reply
5 replies to this topic

#1 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,769 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:59 AM

Posted 16 October 2017 - 06:20 PM

Every Wi-Fi network at risk of unprecedented 'Krack' hacking attack

Every Wi-Fi connection is potentially vulnerable to an unprecedented security flaw that allows hackers to snoop on internet traffic, researchers have revealed...In theory, it allows an attacker within range of a Wi-Fi network to inject computer viruses into internet networks, and read communications like passwords, credit card numbers and photos sent over the internet.

New KRACK Attack Breaks WPA2 WiFi Protocol

...KRACK allows an attacker to carry out a MitM and force network participants to reinstall the encryption key used to protected WPA2 traffic...The attack works only if the attacker is in the victim's WiFi network range, and is not something that could be carried out via the Internet.The KRACK attack is universal and works against all type of devices connecting or using a WPA2 WiFi network. This includes Android, Linux, iOS, macOS, Windows, OpenBSD, and embedded and IoT devices.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)


#2 archiemac


  • Members
  • 1 posts
  • Local time:09:59 AM

Posted 17 October 2017 - 03:53 AM

DrayTek's security advisory says "If you use a DrayTek wireless product (router or access point) and you are only using it as the wireless base, then it is not vulnerable to 'Krack' and a patch/update is not necessary for that operation."  I've emailed their tech support to check whether this is correct, and that it applies to legacy routers. 


Anyone have info re DrayTek and KRACK?




#3 britechguy


    Been there, done that, got the T-shirt

  • Moderator
  • 9,014 posts
  • Gender:Male
  • Location:Staunton, VA
  • Local time:04:59 AM

Posted 17 October 2017 - 08:30 AM

I have also just read that for those on Windows 10, the update KB4041676 patches the vulnerability.   This came from a source that I trust, but I cannot find, specifically, where in the list of fixes in KB4041676 this is addressed (but that doesn't mean it isn't).  Perhaps someone here can provide additional information.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story






#4 JohnC_21


  • Members
  • 24,448 posts
  • Gender:Male
  • Local time:04:59 AM

Posted 17 October 2017 - 10:10 AM

Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point (AP), and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moment in time. However, the security updates will assure a key is only installed once, preventing our attack. So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!

All those Android Phones that never get patched is something to be concerned about. I have a Att Uverse gateway and from the looks of it Att isn't going to be rushing out a patch for all their different gateways. I doubt public hotspots will have priority either.



Edited by JohnC_21, 17 October 2017 - 10:11 AM.

#5 snorkel


  • Members
  • 9 posts
  • Local time:04:59 AM

Posted 31 October 2017 - 07:57 AM

I can't seem to find a definitive answer, so here are my two questions.

Is it a worry if older routers (no longer supported) running in regular router mode remain unpatched?

Is it the operating system that needs patching or the wifi device driver that needs to be updated or both?

#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,719 posts
  • Gender:Male
  • Local time:10:59 AM

Posted 31 October 2017 - 05:51 PM

With "regular router mode" you mean running as a wireless access point? Then no, it's not a worry for the vulnerabilities disclosed by Mathy.

On, Windows, it's the OS that needs patching. And I think that's also the case for all or most operating systems.

Didier Stevens

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019


If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.


Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users