Breaking WPA2 by forcing nonce reuse

[pondus]

Key Reinstallation Attacks - Breaking WPA2 by forcing nonce reuse  >>  https://www.krackattacks.com/

 

[exile360]

Damn, that's bad news.  Thanks for sharing pondus.  I poked some members of our Dev team about this.  Hopefully it gets their wheels turning on ideas to better secure network protocols (though obviously we're currently limited to what can be done from the endpoint).

[pondus]

Microsoft shuts down Krack with sneaky Windows update

https://www.computerworld.com/article/3233198/microsoft-windows/microsoft-shuts-down-krack-with-sneaky-windows-update.html

 

[pondus]

How the KRACK attack destroys nearly all Wi-Fi security

https://arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security/

https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

 

[exile360]

OK, so MS patched Windows 10, but what about those of us still running older versions of Windows?  I'm still on 7 and have no plans to upgrade for the foreseeable future.  I was just reading about an issue related to this where, thanks to MS publishing patches for 10 and leaving out older OS versions, the bad guys are getting clued into live vulnerabilities in pre-10 Windows versions.  Argh.

[nukecad]

The CW article that pondus linked to above says that all supported versions, including Win7 are included in the patch.

[exile360]

4 hours ago, nukecad said:

The CW article that pondus linked to above says that all supported versions, including Win7 are included in the patch.

Ah, thank goodness.  The info on MS' site only indicated Windows 10 so I didn't think they'd rolled anything out for older OS versions yet.  I also learned that HTTPS helps to defend against a lot of the snooping and spoofing that these attacks make possible, so forcing HTTPS is probably a good idea at this point.  Thankfully it's becoming the standard and most sites should be adopting it soon if they haven't already (I believe Google went so far as forcing HTTPS in Chrome or that they plan to if I recall the info I read about it recently correctly).

[pondus]

List of Firmware & Driver Updates for KRACK WPA2 Vulnerability

https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/

 

[exile360]

Sadly it seems Intel has already dropped support for my particular wireless chipset, however I did install their latest software so hopefully that was enough (though I haven't much confidence since the driver is still the same one from 2015 as that obviously didn't get updated/patched).

On the bright side, this did remind me to go in and disable (read gut/destroy/obliterate  ) the Intel AMT interface/chip.  Remote access/management of my system through the BIOS via a chip in my CPU is not something I look upon kindly.  Organizations like Intel really need to stop making things so easy for the bad guys under the guise of better systems management for IT, especially since this crap exists in their consumer chips as well as their business ones.