Be on the lookout for new patches for your phone, your router, and your computer (Windows, Linux, AND Mac are affected), and apply them as soon as they’re available.
The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.
Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.
“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef’s report said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.
Make sure you patch your router’s firmware as soon as possible! Give us a call if you use wifi in your business and you don’t know how to patch your wifi router’s firmware.
Different devices and operating systems are impacted to differing degrees based on how they implement the WPA2 protocol. Amongst the worst hit are Android 6.0 (Marshmallow) and Linux, due to a further bug that results in the encryption key being rewritten to all-zeros; iOS and Windows, meanwhile, are among the most secure, since they don’t fully implement the WPA2 protocol, dodging one weakness. No tested device or software was fully immune to the weakness, however.