Now-Fixed WiFi Vulnerability Left Apple Devices Open to Attack
A vulnerability in WiFi chips made by Cypress Semiconductor and Broadcom left billions of devices susceptible to an attack that allowed nearby attackers to decrypt sensitive data sent over the air. The security flaw was detailed at the RSA security conference today (via Ars Technica ), and for Apple users, the issue was addressed in the iOS 13.2 and macOS 10.15.1 updates that were released back in late October. Dubbed Kr00k, the WiFi chip flaw caused vulnerable devices to use an all-zero encryption key to encrypt part of a user's communications. When applied successfully, the attack let hackers decrypt some wireless network packets sent by a vulnerable device. As described by Ars Technica : Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.
Now-Fixed WiFi Vulnerability Left Apple Devices Open to Attack
A vulnerability in WiFi chips made by Cypress Semiconductor and Broadcom left billions of devices susceptible to an attack that allowed nearby attackers to decrypt sensitive data sent over the air. The security flaw was detailed at the RSA security conference today (via Ars Technica ), and for Apple users, the issue was addressed in the iOS 13.2 and macOS 10.15.1 updates that were released back in late October. Dubbed Kr00k, the WiFi chip flaw caused vulnerable devices to use an all-zero encryption key to encrypt part of a user's communications. When applied successfully, the attack let hackers decrypt some wireless network packets sent by a vulnerable device. As described by Ars Technica : Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.