New Wi-Fi Flaws Revealed – Actually Quite Old

Source: Tom's Hardware added 14th May 2021

  • new-wi-fi-flaws-revealed-–-actually-quite-old

(Image credit: Shutterstock)

Widespread flaws affecting Wi-Fi have been disclosed to the public by security researcher Mathy Vanhoef nine months after he tipped the Wi-Fi Alliance off about the problem. The vulnerabilities, reported by Gizmondo from a site set up by Vanhoef exploit mistakes in the implementation of Wi-Fi standards, and can affect any Wi-Fi device no matter how old, and running any level of security including WPA 2 and 3. 

The ‘fragmentation and aggregation attacks’ – FragAttacks for short – are 12 different vulnerabilities that see Wi-Fi devices leak user data if probed in the right way. Three of the flaws are baked into the Wi-Fi standard itself, while the others flow from programming errors in specific products. The flaws have likely been lurking since Wi-Fi was first released in 1997, as even the venerable WEP protocol is vulnerable – though you really should have moved on from WEP by now, as it’s easily broken

By taking advantage of the way some routers accept plaintext during handshakes, for example, or the way some networks cache data, intruders could intercept personal data, or even direct users to fake websites. Vanhoef talks us through the attacks in this YouTube video, remotely controlling a smart plug and compromising an outdated Windows 7 PC.

(Image credit: Shutterstock)

“The biggest risk in practice,” Vanhoef writes, “is likely the ability to abuse the discovered flaws to attack devices in someone’s home network. For instance, many smart home and internet-of-things devices are rarely updated, and Wi-Fi security is the last line of defense that prevents someone from attacking these devices. Unfortunately, due to [these] vulnerabilities, this last line of defense can now be bypassed.”

There is some good news, however: most of the flaws are hard to exploit, patches are available for many devices, including three from Microsoft going all the way back to Windows 7, and from all major router manufacturers (though not all models have received new firmware yet). At the time of writing Vanhoef said he wasn’t aware of any attacks in the wild using the exploits. This could be a good time to ditch your service provider’s router for the latest and best routers.

Read the full article at Tom's Hardware

brands: Best  Defense  Direct  First  It  Microsoft  New  Smart  WAS  Windows  Writing  
media: Tom's Hardware  
keywords: Internet  PC  Windows  YouTube  

Related posts


Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88

Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88

Related Products



Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91