Online security is once again at stake due to a new threat revealed early Monday morning. Researchers explained that a new bug called KRACK (key reinstallation attacks) can exploit vulnerabilities in Wi-Fi security, which would allow attackers to eavesdrop on traffic between computers and wireless access points.
This new threat takes advantage of certain key management vulnerabilities in the WPA2’s widely used security protocol. This protocol protects personal and enterprise Wi-Fi networks. “If your device supports Wi-Fi, it is most likely affected,” researchers say.
So, yes, this is serious.
Researchers explain that 41 percent of all Android devices are vulnerable to an “exceptionally devastating” variant of the Wi-Fi attack. All Wi-Fi devices could be affected though, making them vulnerable to data theft or unwanted code injections. Researchers recommend patching all Wi-Fi clients and access points once fixes become available. Until then, folks will have to continue using WPA2 (WPA1 is also at risk and WEP security is even worse).