A recent discovery by security researchers at ESET exposed a very serious bug in what is one of the most commonly used Wi-Fi security protocols: WPA2 — Personal and Enterprise.
It’s being referred to as the “Kr00k” bug, and it affects any Wi-Fi enabled device that uses chips made by either Broadcom or Cypress. These two chipset manufacturers are among the biggest suppliers. It is estimated that the bug affects over one billion devices.
The devices that ESET found to be vulnerable include (but are not limited to):
- Amazon Echo second generation
- Amazon Kindle eighth generation
- Apple iPad mini 2
- Apple iPhone 6, 6S, 8, XR
- Apple MacBook Air Retina 13-inch 2018
- Google Nexus 5, Google Nexus 6, Google Nexus 6S
- Raspberry Pi 3
- Samsung Galaxy S4 GT-I9505, Samsung Galaxy S8
- Xiaomi Redmi 3S
In addition, some wireless routers from ASUS and Huawei are also vulnerable, including the Asus RT-N12, Huawei B612S-25, Huawei EchoLife HG8245H and Huawei E5577Cs-321.
Before going public with this information, ESET provided the industry with the information so patches could be developed.
What the Kr00k bug allows
Wi-Fi communications are kept secure through the use of encryption, which requires a special key in order to decode.
What the researchers discovered was that when the Wi-Fi signal is too low, a standard process of “disassociation” that happens can be used to bypass the required key.
In essence, this means that an attacker within proximity of your Wi-Fi network could easily eavesdrop without having to figure out what your Wi-Fi password is. It’s pretty serious.
Protection tips
First and foremost is to make sure you have the latest updates on all of your devices that have any form of Wi-Fi capability. Not only your laptops, phones and tablets, but also your smart devices, as well as your Wi-Fi router or any access points you have installed.
ESET allowed ample time to manufacturers that were most affected to create patches before going public, so if you update everything, you’ll be protected.
It’s important to update any device you have, not just if it’s on the list of devices that ESET tested, as many other brands and products use the same chipsets.
If you have newer devices that support the WPA3 encryption standard, switching to it will bypass this vulnerability.
Wi-Fi Routers, access points and smart devices may require a firmware update to make sure the patch is installed.
If you’re not familiar with how to update firmware, the specific instructions will be posted in the support section of the manufacturer’s website by searching “firmware update,” followed by the model number of your device.
Technical checks
If you’re somewhat technical, this vulnerability has been identified as CVE-2019-15126.
You can search for this in any of the changelogs for the updates that you have already installed or are about to install.
Some good news
As bad as this vulnerability is, the good news is communications that are encrypted by an app or by visiting websites that start with https:// will remain encrypted and scrambled to any potential attackers.
Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question on Facebook or Twitter.