How can I tell if any of my devices are exposed to the new Wi-Fi bug?
This question was answered on March 1, 2020. Much of the information contained herein may have changed since posting.
A recent discovery by security researchers at ESET exposed a very serious bug in what is one of the most commonly used Wi-Fi security protocols (WPA2 – Personal and Enterprise).
It’s being referred to as the ‘Kr00k’ bug and it impacts any Wi-Fi enabled device that uses chips made by either Broadcom or Cypress. These two chipset manufacturers are amongst the biggest suppliers with estimates suggesting that the bug affects over 1 billion devices.
The devices that ESET found to be vulnerable include (but are not limited to): Amazon Echo 2nd gen, Amazon Kindle 8th gen, Apple iPad mini 2, Apple iPhone 6, 6S, 8, XR, Apple MacBook Air Retina 13-inch 2018, Google Nexus 5, Google Nexus 6, Google Nexus 6S, Raspberry Pi 3, Samsung Galaxy S4 GT-I9505, Samsung Galaxy S8, and Xiaomi Redmi 3S.
In addition, some wireless routers from ASUS and Huawei are also vulnerable, including the Asus RT-N12, Huawei B612S-25, Huawei EchoLife HG8245H, and Huawei E5577Cs-321.
Before going public with this information, ESET provided the industry with the information so that patches could be developed.
What the Kr00k Bug Allows
Wi-Fi communications are kept secure through the use of encryption, which requires a special key in order to decode. What the researchers discovered was that a standard process of ‘disassociation’ that occurs when the Wi-Fi signal is too low can be used to bypass the required key.
In essence, this means that an attacker within proximity of your Wi-Fi network could easily eavesdrop without having to figure out what your Wi-Fi password is – it’s pretty serious.
First and foremost, make sure you have the latest updates on all of your devices that have any form of Wi-Fi capability. That means not just your laptops, phones and tablets, but also your smart devices, your Wi-Fi router and any access points you have installed.
As stated earlier, ESET gave the manufacturers that were most impacted ample time to create patches before going public, so if you update everything, you’ll be protected.
It’s important to update every device you have, not just those on the list of devices that ESET tested, as many other brands and products use the same chipsets.
If you have newer devices that support the WPA3 encryption standard, switching to it will avoid this vulnerability as well.
Wi-Fi routers, access points, and smart devices may require a firmware update to make sure the patch is installed. If you’re not familiar with how to update firmware, you can find the specific instructions in the support section of the manufacturer’s website by searching for ‘firmware update’ followed by the model number of your device.
If you’re somewhat technical, this vulnerability has been identified as CVE-2019-15126, which you can search for in any of the changelogs for the updates that you have already installed or are about to install.
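If you keep the release notes for several devices, the changelog search described above can be scripted. The following is an added example, not part of the original answer: it reports which version entry of each changelog mentions CVE-2019-15126 or the Kr00k name. The device names, the sample release notes and the version-heading format are constructed assumptions.

```python
import re

# Matches the CVE id with any common separator, or the "Kr00k"/"Krook" nickname.
KR00K = re.compile(r"CVE[-_ ]?2019[-_ ]?15126|kr[0o]{2}k", re.IGNORECASE)
# Assumed heading style: a line that starts a release entry with a version number.
ENTRY = re.compile(r"^(?:version|v|release|firmware)?\s*(\d+(?:\.\d+)+)\b", re.IGNORECASE)


def entries_mentioning_kr00k(changelog):
    """Return the version headings whose entry mentions CVE-2019-15126 / Kr00k."""
    hits, current = [], "(no version heading)"
    for line in changelog.splitlines():
        heading = ENTRY.match(line.strip())
        if heading:
            current = heading.group(1)
        if KR00K.search(line) and current not in hits:
            hits.append(current)
    return hits


def audit(inventory):
    """Map each device name to the versions that list the fix (empty = not mentioned)."""
    return {device: entries_mentioning_kr00k(text) for device, text in inventory.items()}


# Constructed sample release notes, not real vendor text.
SAMPLE_INVENTORY = {
    "router": """Firmware 3.0.0.4
- Fixed CVE-2019-15126 (Kr00k) in the Wi-Fi driver
Firmware 3.0.0.3
- Improved stability
""",
    "tablet": """Version 13.3.1
- Security: addresses cve 2019 15126
Version 13.3
- New emoji
""",
    "smart-plug": """v1.2.0
- Bug fixes and performance improvements
""",
}

if __name__ == "__main__":
    for device, versions in audit(SAMPLE_INVENTORY).items():
        status = "fix listed in " + ", ".join(versions) if versions else "no mention found"
        print(f"{device}: {status}")
```

An empty result only means the changelog does not name the fix; some release notes say nothing more than "bug fixes", so treat those devices as unconfirmed and check the manufacturer's support page.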
Some Good News
As bad as this vulnerability is, the good news is that communications that are encrypted by an app or by visiting websites that start with https:// will remain encrypted and scrambled to any potential attackers.
About the author
Ken Colburn of Data Doctors on March 1, 2020