Well-known security investigator pointing out errors in WiFi security there is another risk. Newly discovered bugs, known as “frag,” are believed to be more common because they are based on WiFi standard, with some bugs since 1997. Although a number of other problems are caused by WiFi software errors and affecting any WiFi device, Belgian security researcher Mathy Vanhoef wrote on him blog.
Ideally, if used, those threats allow a radio host to hide weapons or weapons of mass destruction. However, the likelihood of malicious abuse being compromised should be minimal as the threats require the connection of users or foreign users of this network.
Explaining how they work, Vanhoef explained that a number of bugs can be misused to “easily inject” frames connected to a secure Wi-Fi network, “and some devices receive” integrated frames that appear to be shaking hands. “This could be used to tackle traffic by enticing them to use a malicious DNS server,” the researcher said.
Other vulnerabilities are connected to a Wi-Fi hotspot and then include network-based packets, allowing the attacker to throw data by injecting his or her faulty number at a time. Vanhoef has sent a demonstration of the error, along with a detailed description of the frag of the fragment, which you can see below.
As he has found in the past – including the “Krack Attack” from 2017 – Vanhoef shared his findings with the Wi-Fi Alliance. For the past nine months, the agency has been working with arms dealers on reforms that address the shortcomings.
As a result, some repairs have already been made or are in the pipeline. Microsoft has reported three of the 12 bugs affecting Windows operating systems in the bags released on March 9th, according to a cyber security page Notes. The Linux kernel fragment also works in output, reports ZDNet.
Customs such as Cisco, Juniper Networks, Sierra Wireless and HPE / Aruba Networks have also started patrolling to address the problem, according to the Industry Consortium for Advancement of Internet Security (ICASI). You can see if your device has received any 12 patches by checking firmware updates and searching for changes related to the CVE mentioned ICASI page. In case you did not know, Vanhoef recommends that people be able to access the web pages through a secure HTTPS connection.
“There is no evidence of malicious abuse of Wi-Fi users, and these issues are mitigated through device upgrades that enable the detection of spreadsheets or compulsory security measures,” said the Wi-Fi Alliance.
All sales selected by Engadget are selected by our publishing team, independent of our parent company. Some of our articles include helpful links. If you purchase one of these links, we will be able to make a donation.
Source link
