Re: Krack Attack WPA2 vulnerability
agent0071
Enthusiast - Level 2

David,

Any router that can act as a repeater is vulnerable. The quote "routers are not vulnerable" is factually incorrect.

"All Verizon routers are not vulnerable." is a different quote, and implies that no verizon router can act as a repeater or uses 802.11r. Given that Verizon sells repeaters to extend wifi range, and I'm not a verizon engineer, I'll just have to take Verizon's word for it. If only they would issue a formal statement.

0 Likes
Re: Krack Attack WPA2 vulnerability
DavidK11
Newbie

If anyone ever sees any official public statements from Verizon on this, please post it to this thread to help give it some visibility.

0 Likes
Re: Krack
jonjones1
Legend

@HF wrote:

Jon, your faith in Verizon's ability to pro-actively protect us is _so_ much greater than mine.


Maybe because it is not the router itself that the vulnerability lies that makes me feel better. Netgear sent out emails to their customers stating to update the firmware and to first check if it is affected in the firmware update. My Nighthawk was not affected.

everyone should just relax.

0 Likes
Re: Krack Attack WPA2 vulnerability
jonjones1
Legend
0 Likes
Re: Krack Attack WPA2 vulnerability
JDSBlueDevl
Newbie

I just talked to someone in tech support. He said that the Actiontec is quite old and may not get patched. That has me upset, as I do not want to be forced to pay for Quantum (which will inevitably get patched). Why should I have to pay for someone else's mistake?

0 Likes
Does Verizon have a router update for KRACKs?
jisaac100
Newbie

I was reading about the new threat called KRACKs and understand I need to make sure I have the latest firmware for my router. How do I find the firmware and install it? I am on FIOS and have an ACTIONTEC M1424WR router.

0 Likes
Re: Krack Attack WPA2 vulnerability
denison4
Enthusiast - Level 2

KRACK update yet for ActionTec router and extender? Already patched my Linux Mint OS today against it. No patch found yet for Windows based systems.  Will Verizon issue a patch for ActionTek routers, or will we need to overflash it with an WRT program instead?

0 Likes
Re: Krack Attack WPA2 vulnerability
CRobGauth
Community Leader
Community Leader

As others have stated, this is not a router vulnerability.

It is in the client side.

Vulnerability is in the ability to inject a fake message to client.

0 Likes
Re: Krack Attack WPA2 vulnerability
davewwright
Enthusiast - Level 1

All but one of the vulnerabiities are client side, i.e., they require updates to your PC, Mac, tablet, phone, etc.  Most of these vendors have yet to provide patches.  Microsoft has rolled out updates but Apple is still testing fixes in beta.  Expect updates in the next few weeks.

There is one server-side (router) issue.  It only affects routers running 802.11r.  There is no official word from ActionTec -- their web page says we will let you know.  But the assumption is that 802.11r is not enabled on the Verizon FIOS routers.

Re: Krack Attack WPA2 vulnerability
brergo
Newbie

I would never believe a statement like that from a Verizon tech. Sounds like a load of **bleep** from a low level support person who was just telling you what he thought you wanted to hear. Total nonsense. 

0 Likes