Android's new monthly security update came with a patch for KRACK vulnerabilities to the WPA2 Wi-Fi security protocol.
After Apple last week with iOS 11.1 (and macOS 10.13.1), it's now Google's turn to offer a patch for KRACK faults. A fix that comes with the November Android security update.
KRACK - Key Reinstallation AttaCK - is a set of vulnerabilities that was discovered (and leaked last month) in the WPA2 Wi-Fi security protocol. An attacker within range of a victim's Wi-Fi network can read encrypted traffic (no remote operation).
Related: Android: correction of 81 vulnerabilities
The problem lies in the 4-Way Handshake initialization procedure. During authentication between the access point and the client, the client may need to reuse parameters used in the encryption of exchanged data. An attacker on the network can replay Handshake messages.
In the security bulletin of Android, KRACK vulnerabilities are not cataloged critical, unlike a little less than a dozen other vulnerabilities affecting the Media Framework and Qualcomm components.
Specific corrections to Pixel and Nexus devices are published separately (no critical flaws).
As always, there is a concern that not all Android devices will benefit from patches. Far from it.
💌 Follow by Email:Digital Channel
🌍🔍 Search Google :digitalchannel.tk
Click Index You Might Be Interested
suivre Dhaouadi Aymensur
