Re: KRACK - WPA2 vulnerability

CSans2 · ‎10-16-2017

I am looking for information on when Intel will supply a wireless driver updated for the https://www.krackattacks.com/ KRACK WPA2 vulnerability. This is a HUGE vulnerability and Intel would have been given a 'heads up' months ago, along with other vendors who already have firmware updates to address KRACK. Clients are the main target of this threat, so a client wireless driver is paramount.

idata · ‎10-16-2017

Hi sansom,

We understand that you would like to know when Intel(R) will supply a wireless driver updated for the KRACK WPA2 vulnerability.

We would like you to know that we will check this with our additional resources and we would keep you posted with any updates.

Regards,

Junior M.

BSmit26 · ‎10-16-2017

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr

has details on this. As far as I can understand the situation right now, though, that page is misleading. It implies that products other than the ones listed are not impacted by the vulnerability, when I think what they mean to say is that every wireless device that supports WPA-2 that they've ever made is impacted but any device not listed on that page is no longer being supported with any driver updates so they aren't going to fix it. Hopefully, I'm wrong somehow.

The fact that my Intel® Centrino® Advanced-N 6205, Dual Band isn't even listed on the support page for discontinued products at https://www.intel.com/content/www/us/en/support/articles/000006507/network-and-i-o/wireless-networking.html Customer Support Options for Discontinued Intel® Wireless Products did not fill me with much hope...

JLuon1 · ‎10-16-2017

I'm in the same situation. Updates for the Intel Centrino would be nice. Thank you for the updates for the Dual Band Wirless-AC.

HLauz · ‎10-19-2017

I also think like you that older versions of the drivers are also vulnerable. Intel, can you please confirm?

HSach · ‎11-03-2017

Hello I updated my Intel(R) Dual Band Wireless-AC 7265 with the lastest driver package. The advisory page https://security-center.intel.com/advisory.aspx%3Fintelid%3DINTEL-SA-00101%26languageid%3Den-fr https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr tells that the driver versions

19.10.9.2 and 19.51.7.2 include the KRACK fix, but the installer only installs driver 18.33.9.3. What information is correct?

Treiber : Intel(R) Dual Band Wireless-AC 7265Hersteller : Intel CorporationAnbieter : IntelDatum : 01.10.2017Version : 18.33.9.3

For 7260 adapters the table tells 18.33.9.3 is the patched version. Maybe the information for the 7265 is simply wrong. Please double check advisory website and driver version listet at the download page.

One other question: Is the client save if the driver is patched or do I need the Microsoft Windows Updates including the KRACK fix, too?

idata · ‎11-03-2017

Hi sansom,

/thread/118740 Here is the legal statement about the KRACK - WPA2 vulnerability.

Hi Brian_K_Smith and jlu0ng ,

As a workaround for the legacy Intel® Centrino® Wireless adapters you can check the following https://www.intel.com/content/www/us/en/support/articles/000026033/network-and-i-o/wireless-networking.html article.

Hi HugoLauziere,

This issue is not related to the driver, it is related to the protocol WPA 2 itself. We recommend you to install the https://downloadcenter.intel.com/product/72252/Intel-PROSet-Wireless-Software latest drivers and also install the Windows* updates that include the fix for the KRACK - WPA2 vulnerability.

Hi Sachse,

The PROSet is going to install the driver depending on the revision for the adapter you have. Based on the driver information, it seems that you already have the driver that is included in the Intel® PROSet/Wireless Software that contains the fix.

Also, we suggest you install the Windows* updates that include the KRACK - WPA2 vulnerability fix.

Regards,

Junior M.