Mathy Vanhoef, a Belgian cybersecurity researcher, has discovered new Wi-Fi security vulnerabilities that affect almost any device connected to it. FragAttacks is the name given to the group of vulnerabilities by the researcher.
New Wi-Fi vulnerabilities have been discovered by a cybersecurity researcher, and they affect almost any device that we connect to the Wi-Fi in order to access the Internet. The security flaws are related to how Wi-Fi manages vast amounts of data as well as the Wi-Fi standard.
Mathy Vanhoef, a Belgian cybersecurity researcher who is also known for discovering the widespread Wi-Fi KRACK attack in 2017, discovered the security flaws. FragAttacks is a term coined by Vanhoef to describe the latest vulnerabilities, which stands for “Fragmentation and aggregation Attacks.”
FragAttacks is a collection of 12 security vulnerabilities that could enable a hacker within a Wi-Fi range to target a connected device or even leak user information.
According to Vanhoef, nine of the twelve flaws was caused by programming errors in particular Wi-Fi devices. The other three threats are due to security flaws in the Wi-Fi standard itself. The flaws can also compromise the security protocol WEP, which is used by some Wi-Fi networks.
The only solace that ordinary users can take from this research information is that the bugs are relatively difficult to exploit. Any attempts to exploit the security buds, as Vanhoef points out, involve actual “user interaction” or are only possible via an obscure network setting.
According to a study report by Gizmodo, some manufacturers have already taken note of FragAttacks. For example, Microsoft has released three new updates to fix three of the most common vulnerabilities. Windows 10, Windows 8.1, and Windows 7 have all received these updates. Hence, users of these operating systems can update their devices as soon as possible.
Patches for some of Netgear’s products have also been published. The company confirms on its advisory page that it is working on more such patches that will be published in the future.
Vanhoef listed some simple cybersecurity tips to keep one safe from FragAttacks even if the patches aren’t accessible. In this regard, remember to use a secure and unique Wi-Fi password, as well as websites that use the HTTPS encryption protocol.