Ancient Wi-Fi security flaw ‘FragAttacks’ has been dealt with by Samsung

SamMobile

SamMobile
SamMobile
A new security flaw was discovered and recently disclosed by security researcher Mathy Vanhoef — the same researcher who had discovered the
Please, Log in or Register to view URLs content!
nearly four years ago — and it’s a doozy. In fact, the researcher found dozens of vulnerabilities that affect hundreds of millions of Wi-Fi devices (if not more), from phones to TVs and IoT products, regardless of their brand and year of release.

The collection of vulnerabilities was dubbed FragAttacks (short for fragmentation and aggregation attacks) and as scary as it may sound, the researcher found that these vulnerabilities affect all modern Wi-Fi security protocols including WPA3, as well as the original security protocol, WEP.

In essence, FragAttacks is a collection of security flaws that have existed since 1997 but were only recently discovered. And because they are baked into the Wi-Fi protocols, they affect virtually any devices with Wi-Fi capabilities.

These FragAttacks vulnerabilities can be abused in two ways. Firstly, if the right conditions are met, the flaws can be abused to steal sensitive data. Secondly, an attacker can exploit these flaws to attack devices connected to a home network.

The second part poses a bigger risk because, according to the
Please, Log in or Register to view URLs content!
, many smart home and IoT devices are rarely updated and they rely on the built-in security of the Wi-Fi protocols to stay impervious to malicious attacks most of the time.

Samsung began addressing all of these issues last month​


Although the scope of this newfound FragAttacks vulnerability is huge, the good news is that Samsung customers might be safer than others.

It turns out that Samsung’s been quietly addressing all twelve FragAttacks vulnerabilities with the release of the
Please, Log in or Register to view URLs content!
, and this is probably why the company has done such an amazing job at releasing the April update for so many Galaxy devices, new and old.

The April 2021 security patch has not only addressed all the FragAttacks vulnerabilities that have been disclosed so far, but it has also includes two additional fixes for vulnerabilities labeled: CVE-2020-11264 and CVE-2020-11301. They seem to be a part of the FragAttacks collection of vulnerabilities, but they haven’t been mentioned on the security researcher’s website.

All in all, Samsung is proving once again that it’s on top of things when it comes to firmware updates and security patches. The only problem is that certain devices that have become too old will probably remain vulnerable, given that these security flaws have been around for decades.

You can use our
Please, Log in or Register to view URLs content!
if you want to make sure that your phone is running the latest security patch available in your region.

Please, Log in or Register to view URLs content!


The post
Please, Log in or Register to view URLs content!
appeared first on
Please, Log in or Register to view URLs content!
.

Please, Log in or Register to view URLs content!
 

Users who are viewing this thread

Top