Security conferences are often the issues you should be paying attention to. The RSA conference ends today, where researchers have presented their research on the Wi-Fi security risk. From ArsTechnica they inform (via 9to5Mac) that among the affected devices are several Apple.
The company downloaded this error the last one, with updates to iOS 13.2, iPadOS 13.2 and MacOS 10.15.1.
Limited distance error on Wi-Fi connection
The Kr00K takes advantage of the risk when the wireless device frees itself from the wireless access point. If any other device, both the user or the access point, is at risk, it will enter any data without sending it to the transmission and sending it over the air.
Instead of encrypting this data with the session key discussed and during the normal connection, the vulnerable devices use a key that is all zeros, a move that makes encryption obsolete.
The research team called ESET was responsible for detecting and reporting this error. This vulnerability arises Broadcom FullMAC WLAN chips, a distinction that was subsequently acquired by the Cypress Semi in 2016. Therefore, it is found in the products of both companies. Among them, from products such as Amazon (of their kind), Apple, Huawei, Xiaomi, Samsung or Google.
In the case of smartphone manufacturers and students, most have software that has been problematic for a while. However, Wi-Fi routers the weakest link this poses a risk, as they are non-renewable devices. So, it's always good to keep them updated on the latest version of the software.
In any case, most of the communication is currently being done already nailed to the front. Therefore, we face a risk with limited scope.
Apple has already downloaded this error in October 2019
Responding to Ars, Apple said the interruption was resolved last October. Specifically, under macOS 10.15.1, iOS 13.2 and iPadOS 13.2 updates. When we enter both documents, in the Wi-Fi section we will see them CVE-2019-15126 That fits this error.
In the case of apple, affected devices The following are:
- IPad mini 2.
- IPhone 6, 6S, 8, XR.
- 2018 MacBook Air.
As we can see, there are six products, but the time range is wide. The iPad mini 2 began selling in 2013, the iPhone 6 and 6s in 2014 and 2015, the iPhone 8 and XR in 2017 and 2018 and the MacBook Air in late 2018. If you have one of them, update immediately for the latest version available.
Apple often gets into software errors with an update, but without any configured displays. There is often time for new software to expand among users again after which the nature of the errors is exposed. The same case can be found in watOS updates 5.3.5 and 6.1.3, where security errors corrected in Apple notes have not yet been specified.
As is often the case in these cases, it's easy to update your devices as quickly as possible. If you are worried about safety, here is the best way protect your equipment.