How did Microsoft and Cisco deal with the vulnerability "FragAttacks" of Wi-Fi devices: Anatomy of the wireless LAN threat "FragAttacks" [Part 2]

 Microsoft, the developer of "Windows", and the Linux Kernel Organization, a non-profit organization that manages "Linux", were informed about FragAttacks in advance and took action accordingly. Windows and Linux users can protect themselves by updating their operating systems to the latest version.

In March 2021, Microsoft provided multiple security updates (patches) for FragAttacks. Even for Linux, patches have already been distributed for distributions (distribution packages) that are actively maintained. Whether you're using Windows or Linux, keeping your device's firmware up-to-date as well as your operating system can help prevent FragAttacks attacks.

 Cisco Systems evaluates the risk of FragAttacks as "moderate". This is because FragAttacks cannot be abused for remote attacks. Intel also classifies the severity of FragAttacks in its wireless LAN products as "moderate."

Wi-Fi device vulnerabilities

The network vendor Netgear states that FragAttacks exist in many of their routers, repeaters, and cable modem gateways (equipment that integrates cable TV line modems and wireless LAN routers). Users are encouraged to update their firmware and properly secure their wireless networks with strong passwords.

 The Wi-Fi Alliance, an industry organization for wireless LANs, issued the following statement, stating that "member companies are taking prompt measures to prevent problems caused by FragAttacks from occurring in their products."

Countermeasures against FragAttacks

Mr. Vanhoof points out that "end users and IT administrators can minimize the risk of attacks by following basic best practices." By checking if the websites end users are visiting are using HTTPS, businesses can mitigate attacks that steal sensitive data, Vanhove said.

 In order to bypass the router's NAT (Network Address Translation) function and firewall to prevent attacks that directly target devices, it is necessary to update all devices with FragAttacks. But not all of these devices receive regular updates. Smart and Internet of Things (IoT) devices, in particular, are particularly difficult to secure adequately, Vanhoof said.

Predictive IT trends from TechTarget

From the wealth of articles from TechTarget in the United States, we have carefully selected and delivered the latest technology explanations, product comparisons in hot fields, and examples of IT product introduction by overseas companies. increase.

Tags: