Apple has finally addressed the KRACK vulnerabilities in its latest macOS High Sierra, Sierra, El Capitan, iOS 11.1, tvOS and watchOS .
Discovered last month, KRACK (Key Reinstallation AttaCKs) is series of related vulnerabilities that affect every device using WPA2 encryption could allow nearby attackers to intercept and steal data transmitted across a Wi-Fi network.
The latest iOS update includes patches for 13 bugs in Webkit, and other fixes in the kernel, iMessages, Siri, UIKit, StreamingZip, and CoreText. The MacOS updates included several kernel patches and nearly 90 CVE vulnerabilities were addressed with tcpdump.
Apple also released updates for Cloud for Windows 7.1, iTunes 12.7.1 for Windows, and Safari 11.1.
An attacker would need to be within Wi-Fi range in order to compromise a client as the vulnerability and US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates.
