This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Any comments from Sophos regarding WPA2 may be cracked by KRACK (Key Reinstallation AttaCK)

firmware upgrades?



This thread was automatically locked due to age.
Parents Reply
  • Karlos, can you have whoever put up that article list the actual firmware version that is fixed for Cloud Wireless and XG?  Kind of a guessing game without that info.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
  • Hey  

    I've updated version numbers for UTM & Central. I will update the information for XG once I receive the information from our Wireless team.

    Thanks,
    Karlos

    Karlos
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.
  • I downloaded and installed the new firmware for both RED and AP.

    I believe that is not the end of it, I still need to make sure my phone/tables etc etc also get patched, is that correct?

     

    Thanks

  • Yes your clients should also update -- the AP / RED updates mitigate this attack when attaching to Sophos-managed SSIDs, but when you're in the wild, the client should be patched as well.  Microsoft already released patches in their October update ... I don't have any clients with Macs (at least that I manage) so I'm not sure when or if they have already patched their gear.  Android... who knows... come of the carriers are slow to push updates.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.