Canadian Mac Forums at ehMac banner

1 - 5 of 5 Posts

·
Premium Member
Joined
·
5,374 Posts
Discussion Starter · #1 ·
so by now i am sure people have heard of the this attack by now.
if not here is a link : https://www.cnet.com/news/krack-microsoft-windows-amazon-frequently-asked-questions/

I just wanted to start a thread about who has patched their access points and which brand they have. I want to know which manufacturers have patched and which have not.

here are the brands i use and if they are patched:

1. Aerohive - Patched
2. Datto - Patched
3. Sophos - Patched
4. Dlink - not patched [dir-868L ] Dlink DIR-890L - patched
5 cisco - mostly not patched except for meraki - in progress
[another reason why we are as whole removing and not recommending cisco/meraki to our clients. ]
 

·
Premium Member
Joined
·
6,076 Posts
This thread is largely irrelevant. The vulnerabilities only apply if a WAP is in uplink/client mode. The vulnerabilities are client-based, and the exploits are run against the client, not the WAP.

iOS is not affected by all of the CVEs, as it doesn't follow the WPA spec entirely, but is patched in the next iOS update. macOS is patched in the next release of 10.13. I'd expect to see patches for previous versions, too, but who knows what they'll do.
 

·
Premium Member
Joined
·
5,374 Posts
Discussion Starter · #3 ·
This thread is largely irrelevant. The vulnerabilities only apply if a WAP is in uplink/client mode. The vulnerabilities are client-based, and the exploits are run against the client, not the WAP.

iOS is not affected by all of the CVEs, as it doesn't follow the WPA spec entirely, but is patched in the next iOS update. macOS is patched in the next release of 10.13. I'd expect to see patches for previous versions, too, but who knows what they'll do.
but that leaves everyone else in the threat zone.. 10.12 and older.
so this is still a very important thread.
also many use apple airports which have not been patched.
 

·
Premium Member
Joined
·
5,374 Posts
Discussion Starter · #5 ·
The important part of all of this is to remember that a patched WAP does NOT protect unpatched clients. The clients must be patched, and many/most older devices won't be.
that is my point, in patching access points.
 
1 - 5 of 5 Posts
Top