ragnarok1968
Well-Known Member
URL: Microsoft details its fixes for KRACK WPA2 vulnerability
Earlier today, it was revealed that there's a vulnerability in the WPA and WPA2 protocols that could allow an attacker to spy on your internet traffic and even manipulate websites. Called KRACK, it affects virtually every device that connects to Wi-Fi.
Microsoft was quick to announce that it has a fix available and that those with automatic updates turned on should already be protected. The company didn't provide further details at the time, but now it has outlined the updates that have been provided.
And if you haven't guessed, the fix was already in the Patch Tuesday updates that were released nearly a week ago. It wasn't specifically noted in the release notes, but that's likely due to the vulnerability not being public yet.
A Microsoft spokesperson issued the following statement to Neowin:
"Microsoft released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates."
Of course, this means that you need to be on Windows 7 or higher to receive the fix. The firm isn't beyond issuing updates for the unsupported Windows XP and Vista when it's necessary, but that wasn't the case this time.
You can find out more about the exploit and the updates here.
Earlier today, it was revealed that there's a vulnerability in the WPA and WPA2 protocols that could allow an attacker to spy on your internet traffic and even manipulate websites. Called KRACK, it affects virtually every device that connects to Wi-Fi.
Microsoft was quick to announce that it has a fix available and that those with automatic updates turned on should already be protected. The company didn't provide further details at the time, but now it has outlined the updates that have been provided.
And if you haven't guessed, the fix was already in the Patch Tuesday updates that were released nearly a week ago. It wasn't specifically noted in the release notes, but that's likely due to the vulnerability not being public yet.
A Microsoft spokesperson issued the following statement to Neowin:
"Microsoft released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates."
Of course, this means that you need to be on Windows 7 or higher to receive the fix. The firm isn't beyond issuing updates for the unsupported Windows XP and Vista when it's necessary, but that wasn't the case this time.
You can find out more about the exploit and the updates here.
