AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
AppleInsider has learned that Apple has rectified the "KRACK Attack" Wi-Fi WPA-2 exploit in "recent" macOS, iOS, tvOS, and watchOS betas — but was unable to confirm that a patch is coming for the AirPort series of routers.
Sources inside Apple not authorized to speak on behalf of the company has told AppleInsider that the patch to remove hardware susceptibility was included in a "previous" beta of the current range of operating systems — meaning a release before Monday's batch. However, our source specifically noted that AirPort hardware, including the Time Machine, AirPort Extreme base station, and AirPort Express does not have a patch available — and was not certain if one was in progress.
The last firmware update for the AirPort family of hardware was in Dec. 2016 — well before the May disclosure of the vulnerability. It is not clear at this time if a patch for the KRACK exploit will be issued for the AirPort.
AppleInsider has reached out to Apple for more information regarding the AirPort family of devices, and to find out specifically which beta versions implement the KRACK patch.
Both a router and a client device must be susceptible to the KRACK Attack vector for the assault to succeed. If either are patched, then no data can be gleaned from the man-in-the-middle method publicized on Monday morning.
The exploit takes advantage of a four-way handshake between a router and a connecting device to establish the encryption key. Properly executed, the third step can be compromised, resulting in the re-use of an encryption key — or in some cases in Android and Linux, the establishment of a null key.
The researchers claim that the attack vector completely opens up an Android 6.0 and later devices. Other operating systems, including iOS and macOS are less impacted, but "a large number of packets" can still be decrypted from all.
The attack uses one or more of 10 different exploits. The details of the exploit were submitted for review on May 19, and a conference presentation will be delivered on Nov. 1.