Because of WPA2’s widespread use and the serious nature of the vulnerability, the U.S. Computer Emergency Readiness Team (US-CERT), a division within the U.S. Department of Homeland Security, issued an alert about the problem on October 16, 2017. However, security experts note that there is no need to panic for several reasons:
- US-CERT privately warned affected vendors about the vulnerability two months prior to issuing the public alert, giving them time to create patches to fix the problem. For example, Microsoft has already created a patch for Windows, which it released through Windows Update on October 10, 2017.
- The security researcher who found the vulnerability did not release his proof-of-concept code, so there is currently no publicly available code that hackers can copy and use.
- Hackers need to be physically close to their victims to exploit the vulnerability.
Not panicking, though, does not mean you should be complacent if your wireless devices use WPA2. You need to make sure they get patched. We can identify any at-risk routers, laptops, smartphones, and other wireless devices in your business and help you take the appropriate measures so that they do not become a security liability.
If you aren’t currently monitoring your systems for patching, call SomethingCool.com to find out how we can take care of patching for you.