KRACK Wi-Fi attacks shouldn't harm updated Windows PCs

From PC World: The bad news: A severe WPA2 protocol vulnerability dubbed KRACK holds the potential to break Wi-Fi security for virtually all wireless devices or networks, allowing attackers to snoop on your Internet traffic or even inject malicious code into websites you visit. The good news: If you’re running a Windows PC, you’re already safe—at least if you automatically apply new updates.

Microsoft quietly released a KRACK-smashing update as part of last week’s Patch Tuesday blitz, the company confirmed to Windows Central and other websites. Phew! Here is the company’s statement:

“Microsoft released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.”

And now for the even better news: Fixes for KRACK can be backward-compatible, per Mathy Vanhoef, the researcher who discovered the Wi-Fi flaw. That means if you’ve updated your PC with Microsoft’s KRACK patch, you can likely connect to wireless networks running on unpatched routers without fear. We’ve reached out to Microsoft to confirm whether that’s the case with this patch for Windows devices.

View: Article @ Source Site