On Oct. 31, 2017, Apple released a set of updates for Mac computers, iOS devices (iPads and iPhones), Apple TVs, and Apple Watches. These updates contain a critical fix necessary to ensure your security when connecting to wireless networks. *The Office of Information Technology (IT) recommends, in the strongest possible terms, that you install these updates on all of your Apple devices immediately.*
Approximately two weeks ago, computer security researchers announced the discovery of a technique they called ‘KRACK’ for defeating the encryption protocols in most wireless networks. IT can secure the UM wireless networks against this kind of attack, but when you connect to other wireless networks outside of campus you generally have no way of knowing how well-maintained they are in general, much less if they have been specifically patched against this known issue. For this reason, it is crucial to install this fix on your devices.
Users of non-Apple devices should check that their software update utilities are working properly and install any available patches as well. Microsoft patched Windows to correct the KRACK fault almost immediately after it was announced, so auto-updating Windows devices should already be patched. Android devices have significantly more variance from one device manufacturer to the next, so it is impossible for any one article like this to tell you definitively whether your Android device is ready to be patched. Launch its software update utility to check; if no patch against KRACK has been or is ready to be installed, check back daily until it is.infosec, iOS updates, iPad, iPhone, IT Security, KRACK