KRACK: Microsoft, Google and other tech giants rush to fix Wi-Fi security flaw
The security flaw in Wi-Fi encryption protocol can allow anyone to eavesdrop on or hijack devices using wireless networks.
Microsoft on Monday said that it has already fixed the critical Wi-Fi security flaw, which is being dubbed as KRACK. Google has said that it will be rolling out the fix for Android devices in the coming weeks.
"We have released a security update to address this issue. Customers who apply the update, or have automatic updates enabled, will be protected," a Microsoft spokesperson told The Verge late on Monday.
It is going to take some time for the patch to reach non-Pixel Android devices as the ecosystem has been slow in deploying patches, the report added.
"We're aware of the issue, and we will be patching any affected devices in the coming weeks," Google told CNET.
Currently, over a third of Android phones are vulnerable to a simpler form of the attack.
Even if your router is not patched, patching the device should be enough to stop an attacker from getting in the middle, reports said.
According to an advisory issued by the US Computer Emergency Readiness Team (US CERT), anyone using the Wi-Fi Protected Access II (WPA 2) protocol is probably compromised.
The new Wi-Fi security flaw is called "KRACK" -- short for Key Reinstallation Attacks. Security expert Mathy Vanhoef from Belgian university KU Leuven discovered the flaw in the wireless security protocol WPA2.
The flaw affects operating systems and devices, including Android, Linux, Apple, Windows, MediaTek and others.
Apple said that it had already provided the fix for iOS and MacOS that were currently in testing phase. The patch will be released to users within weeks.