The protocol that is used to protect Wi-Fi connections is broken. The weaknesses are said to be in the Wi-Fi standard itself, and not in products or implementations.
Researchers have discovered a new vulnerability in the wireless security protocol WPA2. Attackers can exploit the vulnerability to read information which was earlier said to be encrypted. "An attacker within range of a victim can exploit these weaknesses using key re-installation attacks (KRACKs)," explains a blogpost.
New vulnerability exposed shows that attackers can exploit Wi-Fi access of your devices and expose your private data as well as there is the possibility of injecting malware. The attack works on all modern Wi-Fi modems and can affect Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others. But, Android and Linux devices are believed to be the most affected my multiple vulnerabilities.
It is exceptionally devastating against Linux and Android 6.0 or higher, which is roughly 41 percent, explains the post, as both can be tricked into re-installing all-zero encryption key. "When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted," is further explained.
Researchers have reportedly sent out notifications to specific vendors in July. Security researchers recommend updating router firmware and all client devices to the latest security fixes. Also, you can change the password, though that may not really help stop the attack. Microsoft reportedly already has a fix for the Wi-Fi issue.