Oh, great. The encryption method used to protect most wireless networks — Wi-Fi Protected Access II (WPA-2) — has been hacked, and it has the possibility of affecting all major computer platforms. KRACK (short for “Key Reinstallation Attack” is the name of the flaw that has been exploited, and it makes it possible for those attacking a network to eavesdrop on any network traffic between an access point and a device.
At this point, Microsoft and Google have both acknowledged the issue, with Microsoft releasing an update today that should take care of the issue in its flagship Windows operating system, while Google’s Pixel devices will receive an update next month. There’s no word from Apple yet on whether or not the company knows if iOS and macOS are safe; we’ll pass along any notification from Apple if and when it arrives.
Once operating systems are updated to protect users from the attack, most wireless routers and access points will also need to be updated to fully protect against KRACK. Note that in order for someone to make a KRACK attack, they need to be in close physical proximity to your home or office network — it cannot be done remotely. The following video shows how the attacks take place:
Should you switch your network encryption to WEP in the meantime? NO! It was officially deprecated in 2004 because of a number of vulnerabilities were discovered, and for some reason WEP is still used on some products.
As soon as any security updates are available for your Apple devices and for Wi-Fi routers and access points from any manufacturer, you should install them immediately.