Apple has already patched the KRACK attack WPA2 Wi-Fi vulnerability in the developer and public betas for iOS, watchOS, tvOS, and macOS.
KRACK is an exploit that attacks the way WPA2 protects Wi-Fi access points. While it’s bad, there are a are a few factors that prevent it from being truly damaging to the state of modern wireless networking:
- It can be patched. We don’t need a new standard like we did when WEP was broken and everyone had to move to WPA2.
- That means if your iPhone, iPad, or Mac is patched, it’s safe to use on any wireless access point, even if that access point (router, modem, etc.) hasn’t been patched. Likewise, if you patch your access point, any device used on it will likewise be secured.
- In many cases, access points won’t need to be updated. For example, Apple’s AirPorts, including Express, Extreme, and Time Capsule don’t seem be affected, even if using one as a bridge.
- Apple has confirmed to me that the KRACK exploit has already been patched in iOS, tvOS, watchOS, and macOS betas.
As soon as the updates leave beta, they’ll be pushed out to everyone. We’ll have to wait and see how fast other manufacturers are to respond, and how many of our connected devices receive updates.
I’m diving deeper into the specific now and will update with more info soon.