As online users woke up to fears of losing their personal data owing to a serious flaw in the Wi-Fi protocol, Microsoft said it has already fixed the vulnerability while Google promised to roll out a patch in the coming weeks to fix Android devices.
“We have released a security update to address this issue. Customers who apply the update, or have automatic updates enabled, will be protected,” a Microsoft spokesperson told The Verge late on Monday.
It is going to take some time for the patch to reach non-Pixel Android devices as the ecosystem has been slow in deploying patches, the report added. “We’re aware of the issue, and we will be patching any affected devices in the coming weeks,” Google told CNET.
Currently, over a third of Android phones are vulnerable to a simpler form of the attack. Even if your router is not patched, patching the device should be enough to stop an attacker from getting in the middle, reports said.
According to an advisory issued by the US Computer Emergency Readiness Team (US CERT), anyone using the Wi-Fi Protected Access II (WPA 2) protocol is probably compromised. The new Wi-Fi security flaw is called “KRACK” — short for Key Reinstallation Attacks.
Security expert Mathy Vanhoef from Belgian university KU Leuven discovered the flaw in the wireless security protocol WPA2. The flaw affects operating systems and devices, including Android, Linux, Apple, Windows, MediaTek and others.