Apple confirms KRACK Wi-Fi WPA-2 attack vector patched in iOS, tvOS, watchOS, macOS betas

2»

Comments

  • Reply 21 of 22
    Both a router and a client device must be susceptible to the KRACK Attack vector for the assault to succeed. If either are patched, then no data can be gleaned from the man-in-the-middle method publicized on Monday morning

    Do you have a source stating that if either are patched the assault will fail? My security guy is stating that they both have to be patched.

    Thanks!
    Clint
  • Reply 22 of 22
    rob53rob53 Posts: 1,988member
    AppleInsider, can you clean up your wording to clarify this?

    The attack uses one or more of 10 different exploits. The details of the exploit were submitted for review on May 19, and a conference presentation will be delivered on Nov. 1.

    So is it 10 exploits, or one exploit? Or should that be details "of the attack" of which there are 10 different possible ways to execute (exploit) it?
    If you look at my comment earlier, I found 10 CVE vulnerabilities. Different people call them different things but the official term regarding something used to exploit a computer device is vulnerability or exposure. Maybe it takes all ten of these vulnerabilities to actually "exploit" a WiFi WPA-2 connection but it probably far less than the ten.
Sign In or Register to comment.