NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
ALL FIRMWARE should be updated. More info: https://betanews.com/2017/10/16/krack-wpa2-security-vulnerability/
36 Comments
- TacoFeline: Please continue with KRACK 2018
- A paper presented in October 2018 by those that discovered the original KRACK 2016 vulnerability discloses that previous patches are both at least in part ineffective and that attacks are far easier to successfully perpetuate than originally thought. https://papers.mathyvanhoef.com/ccs2018.pdf. At least one package, wpa_supplicant up to version 2.6, IS vulnerable to KRACK. The most recent version of wpa_supplicant is 2.7, was released December 2nd 2018, but I am not certain that this version is patched for the latest KRACK exploits. But any firmware released before December 2nd 2018 definitely DOES NOT counter KRACK. Your firmware date is 10/17/2018. So no, your firmware is not patched for KRACK. Will start a new thread on this if anyone is interested or curious as to how NETGEAR responds, if it does, to what I'll call KRACK 2018.
- R7900 with firmware 1.0.3.8_10.0.37 will it fix KRACK I have a Netgear Nighthawk X6 R7900 router and am using firmware version 1.0.3.8_10.0.37 DOSES THIS VERSION OF FIRMWARE FIX THE PROBLEMS CREATED BY KRACK? If it does not fix KRACK what can I do to work around the problem? I have seen Security Advisory for WPA-2 Vulnerabilities PSV-2017-2826, PSV-2017-2836 https://kb.netgear.com/000049498/Security-Advisory-for-WPA-2-Vulnerabilities-PSV-2017-2826-PSV-2017-... The listings do not show R7900 I am using my router in BRIDGE MODE Is firmware V1.0.3.8_10.0.37 sufficient to solve the KRACK problem?
- The R7000 appears to be patched for KRACK exploit, NETGEAR lists it as vulnerable only for firmware version 1.0.9.12 and below. https://kb.netgear.com/000049498/Security-Advisory-for-WPA-2-Vulnerabilities-PSV-2017-2826-PSV-2017-2836-PSV-2017-2837
Yes this is great there is an update!
However, can we get confirmation that thi fixes the KRACK exploit? Every other patch mentions it by name - this one doesn't. Thanks!Thanks, NETGEAR Team, for doing the right thing and supporting the R7000
( https://kb.netgear.com/000052576/R7000-Firmware-Version-1-0-9-14 ) :robotvery-happy:
Still nothing for the R6220 though, huh? I did get the e-mail saying there was a new version. The latest firmware on netgears site is the same one I already have installed, 1.1.0.50_1.0.1
One more note on the release notes for the R7000 12/1/17 patch: The light will blink amber during an update, but should return to solid WHITE after the patch is complete, not solid amber as stated in the release notes.
"- The upgrade process is completed when the on screen progress bar completes.
- If the upgrade progress bar on web GUI doesn’t display correctly during firmware upgrade, you can still check the status using Power LED. The Power LED should be blinking (amber) during firmware upgrade. After firmware upgrade is done and boots up the system, it changes to steady AMBER color
- Please DO NOT power off or reboot the device during firmware upgrade, otherwise, it may result to a corrupt firmware and cause the device not to work.
OK, so they are still supporting the R7000 Nighthawk from all I can tell, since the just released a patch on 12/1/17. It says it addresses "secuirty issues," however every other patch kas mentioned the KRACK vulnerability. This one does not mention it by name. Any thoughts? Link to patch below - as the above post for the ORBI system, it must be installed manually and won't show up on your router's admin page... not sure why.
https://kb.netgear.com/000052576/R7000-Firmware-Version-1-0-9-14Netgear has rolled out a patch for the ORBI system that patches the WPA2 KRACK vulnerability (V2.0.0.76). It will not show up as an online update, it must be installed manually. I uploaded the patch yesterday. For those with other routers, you may want to check, as it seems Netgear is finally getting these updates out to us.
https://kb.netgear.com/000049562/RBR50-RBS50-Firmware-Version-2-0-0-76-Hot-Fix
