Remember KRACK, short for Key Reinstallation Attack?
Nearly two months ago, it was all over the news – what we jocularly call a BWAIN, short for “bug with an impressive name” – because it exposed a cryptographic weakness in WPA, the Wi-Fi encryption protocol that is used to secure most of the world’s wireless networks.
Very greatly simplified, KRACK involved tricking a wireless access point into sending the first two packets of a session scrambled with the same encryption key, with the result that if you knew the content of one of the packets, you could figure out the other.
KRACK wasn’t the end of the world as we know it (we happily reported that Wi-Fi was still safe to use), but it was worth patching against – encrypted Wi-Fi connections aren’t supposed to leak any data, and that’s that.
Apple, amongst others, put out a patch pretty quickly for iPhone users, as we reported in early November 2017…
…but there was a twist in the fix, because it wasn’t for everyone:
According to Apple’s official support documentation, the [02 November 2017] KRACK fix only applies to iPhone 7s, iPad Pro 9.7 (early 2016) and later.
We don’t know why the KRACK patch is only being made available for newer iDevices only – it’s possible a fix for earlier devices is still in the works, or perhaps Apple has determined that these older versions aren’t vulnerable to KRACK at all.
Either way, if you’re a pre-7 iPhone user, keep your eyes peeled for an update from Apple just in case.
Well, the wait is now over, because Apple’s latest round of updates includes iOS 11.2, and that officially (and at last) includes KRACK-related patches for the devices that were left out last time:
Wi-Fi.
Available for: iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s, 12.9-inch iPad Pro 1st generation, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2, and iPod touch 6th generation. (Released for iPhone 7 and later and iPad Pro 9.7-inch (early 2016) and later in iOS 11.1.)
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks – KRACK)
As it happens, numerous other security holes were closed in the iOS 11.2 update, including four vulnerabilities listed as “may be able to execute arbitrary code with kernel privileges”, which is about as close to “good for a full jailbreak and takeover” as you’re likely to hear from Apple.
By the way, macOS goes to High Sierra 10.13.2 in the same tranche of updates, with three “may be able to execute arbitrary code with kernel privileges” fixed for Mac users, too.
Get ’em as soon as you can.
Use Settings | General | Software Update on an iPhone, and Apple Menu | About This Mac | Software Update... on a Mac.
Jeff
Thanks for staying on this, and reporting it. Feels to me that Apple took a long time getting this done for the 6s and earlier.
Paul Ducklin
It does seem a while, doesn’t it? To be honest, I’d sort of forgotten about it, or at least had stopped wondering when it was going to be fixed.)
OTOH, the flaw was not perhaps as serious (at least, not on Android, where there was an additional bug in the flaw that apparently made things a lot worse) as the publicity that surrounded its announcement wanted us to believe.
Danielx64
Thank you for the head up. Do you know what’s annoying about this? That my iPod touch 5th generation would never get the update, and my understanding is that it is not much difference between the 6th gen and 5th gen on the hardware side.