NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

AngryDog's avatar
AngryDog
Guide
Oct 16, 2017

Ubiquiti are also releasing a patch.  I belive that they have one available on beta test.  I've been trying to get my manager to move to Ubiquiti for a while, this could push us..

  • AngryDog's avatar
    AngryDog
    Guide
    Oct 16, 2017

    Done!  This is serious and needs addressing ASAP.

     

    My only query is, is that does a patched AP with an unpatched device (like a mobile phone / laptop) mean that it is secure?

    • Auri's avatar
      Auri
      Star
      Oct 16, 2017

      From what I understand, as long as ONE device is patched, you're OK. It appears that the hack works by forging a copy of the Wi-Fi network, then getting the device onto the forged network. If the device doesn't require a certificate re-send on the hop to the new network, then it's vulnerable. I tweeted a link:

       

      http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf

       

      Ideally, you want the client OS patched, and all routers as quickly as possible.

      • AngryDog's avatar
        AngryDog
        Guide
        Oct 16, 2017

        Reading more into this, and thanks to your link, traffic sent via HTTPS doesn't seem to be affected?

         

        Also, would using a VPN negate this as well?

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More