As you might have heard over the news about the latest security vulnerability for remote Wi-FI exploit of WPA encryption protocol dubbed KRACK or Key Reinstallation Attack.
This weakness are in the Wi-Fi standards itself, and not in individual products or implementations. Therefore any correct implementation of WPA2 encryption is likely affected. This means that all mobile devices, wireless access points and routers need to be patched to defend against this type of attack.
Since the discovery of the vulnerability Microsoft, Apple and Google Android has released patches for all their operating systems and all third party providers will follow up with their patch releases in the coming weeks.
We will verify and patch wireless access points and wireless capable routers as updates become available for the respective vendors.
If you have a wireless capable device like a personal smart phone, smart watch, personal laptop, please check to see if any security updates are released for these devices. If you have any troubles updating or verifying that a device are patched, please contact Colt911 Solutions and we can schedule to check verify your personal devices and home networks.
For more detailed information please visit the following sites
https://www.kb.cert.org/vuls/id/228519/
Update October 17, 1:30pm
Cisco Security Vulnerability update
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
Android Security Bulletins
https://source.android.com/security/bulletin/
Apple Security Updates
https://support.apple.com/en-us/HT201222
FAQ
Who is Affected?
All devices that receive or broadcast a wireless signal will need to update.
We use WPA2-Enterprise using 802.1x, are we affected?
Yes, the vulnerability is prior to the authentication commands. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP).