ITS

Information Technology Services
Information Technology Services

A new WPA vulnerability could allow hackers to intercept traffic from devices to wireless networks.

Researchers have recently discovered a weakness in the WPA and WPA2 (Wifi Protected Access) protocol that could allow hackers to intercept traffic from devices on a wireless network. 

How can I protect myself from these vulnerabilities? 

Patches for some operating systems and WAPs (Wireless Access Points) have already been released. Please urgently apply the available patches. Where possible, ensure that your devices are set to check for automatic updates in order to detect and install these patches; other patches will become available over the coming weeks for supported operating systems and WAP firmware. 

Note: if the device is on an unsupported operating system, it may remain vulnerable.  

How are the vulnerabilities exploited? 

These vulnerabilities require the attacker to be connected to the same WPA network that your device is connected to in order to be exploited.  

Attackers can utilize these vulnerabilities to read Wi-Fi traffic between devices and wireless access points (e.g. wireless controllers, routers), and in some cases, even modify the traffic to inject malware into websites. Where this is the case, as you navigate to a website of your choosing, you will unknowingly download malware onto your device.  

Security researchers state that devices running macOS, Windows, iOS, Android, and Linux are affected. 

What is Queen's doing to protect me? 

ITS has patched all centrally managed wireless routers and access points (WAPs). If your WAP or device on the Queen's network is not centrally managed by ITS, please contact the IT Support Centre as soon as possible at (613)533-6666. 

Where do I go if I need help?

If you are unsure how to proceed, please contact the IT Support Centre at (613)533-6666 or by filling out the online help form at queensu.ca/its/helpform.  

Tags: