You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

North woods Author

Level 1

18 points

krack hack patch

I learned today that wifi routers (AirPort Extreme) can be hacked with KRACK. Is there a fix for this?

iPhone 6, iOS 8.3

Posted on Oct 16, 2017 3:53 PM

Top-ranking reply

lkrupp

Level 6

17,217 points

Posted on Oct 19, 2017 5:05 PM

Please, people, educate yourselves. The hack is limited to clients and has to do with the WPA2 4 handshake protocol. The hack is made possible by the CLIENT’s response to the fourth handshake, not the authenticator (router). The flaw has been around since day 1 of the WPA2 implementation. It’s a flaw in how the protocol was implemented. This is NOT an Apple only issue. Any device that uses WPA2 is affected. The router is not the base cause and cannot be hacked unless it acting as a client to another router, something almost no home network does. If you want to educate yourself and find out what’s really going on trying watching this video. It’s about twenty minutes long and will tell you everything you want to know about KRACK in great detail. Apple Wi-Fi clients have all been patched in current beta releases. No need to panic or be paranoid.

https://twit.tv/shows/security-now/episodes/633?autostart=false

Fast forward to the 1:32:08 point and listen.

And finally, Apple has NOT stopped support of its networking products. It was a rumor based on another rumor that claimed Apple was reassigning engineers from its networking products team to other projects. RUMOR only, no verification and no confirmation from Apple. Apple networking products are supported and available at Apple stores, online, and at resellers like Best Buy and Amazon. Like the Mac Mini, the Airport and Time Capsule haven’t seen hardware updates in a few years. That does not mean they are no longer supported so STOP with the babbling nonsense.

View in context

32 replies

Nov 1, 2017 4:45 PM in response to Bob Timmons

I suspect you are absolutely right. There are a lot of apartments or old construction that are difficult to wire. I like wire and tend to use Cat-5/6 as much as I can rather than using WiFi, since so many devices are WiFi only these days. I like to keep as much as possible on wire to minimize wireless traffic. I buy 8-port switches for my TV areas so I can connect all of the TV related boxes to the network via wire.

Nov 5, 2017 12:48 AM in response to lkrupp

Correct technically. However Apple AirPorts are frequently used as clients to other wifi networks. The AirPort Express can be joined in client mode to share it's audio port. All of them can connect as clients to extend wifi range wirelessly, and to share their USB ports. This is certainly not something that "almost no home network does". Therefore I would wait for Apple themselves to confirm, but if your AirPorts aren't wired by ethernet, you should consider them vulnerable.

Nov 9, 2017 4:32 AM in response to lkrupp

"The router is not the base cause and cannot be hacked unless it acting as a client to another router ..."

What about AirPort Express box configured as WIFI extender? Is it considered as client or not?

Nov 9, 2017 5:44 AM in response to alex95129

Please look at previous posts in this thread to see that your question has already been answered. Here are some excerpts:

this fixes Apple devices

Not quite, unless I missed something from the Apple "updates".

What if you have an AirPort Express, AirPort Extreme or AirPort Time Capsule acting as a wireless extender for the network? In order to do this, the AirPort must be configured to operate as a wireless client on the network, just like any other wireless device that might connect to the network.

If there was a firmware "fix" for AirPorts behaving as wireless clients on a network.....just like any of the other wireless clients that you have named above.....TVs, thermostats, smart home devices, etc......I missed it.

No firmware updates have appeared for the AirPorts....or....did I miss something?

And

Don't think you fully understood what was mentioned in an earlier post.

I got that information, which assumed that the AirPorts were acting as routers.

But....if the AirPorts are configured to act as extenders, or an AirPort Express is set up to join a network for AirPlay.....the devices "join" a wireless network as wireless clients.....so they are not acting as routers.

It is the clients on a network that are subject to attack, just like any other client....a computer, a mobile device, a TV, a thermostat, etc.

So, Apple provided fixes for other clients.....Macs running High Sierra, Sierra and El Capitan, and iPhones/iPads running a current iOS operating system, the AppleTV4, and others.....but no fix for the AirPorts when they act as clients.

Nov 13, 2017 11:08 PM in response to North woods

The answer is not right when you pair the router with an other the router itself is a device which can hack. When is there a patch by Apple. I bought the router last week and it must be just supported!!!!

Nov 14, 2017 5:38 AM in response to Chris1534

When is there a patch by Apple

This is a question that only Apple can answer. No one here on a user-to-user support forum will know what Apple is planning to do, or when they might be planning to do it.

If you are concerned about this issue....and you cannot connect the AirPorts together using a wired Ethernet connection.....I would suggest that you return the Apple router for a refund.

Dec 16, 2017 6:36 PM in response to Steven Kutoroff

Just updated my TC to 7.7.9 and I assume that this addresses recent issues that may exist in the TC.

Nice going Apple, I hadn't expected any updates since the product was discontinued.

I shopped for a new router, but found none that did everything I wanted in a replacement. Yet.

BTW - a recent update to Sierra seems to have solved my USB problem on restart that's been a problem since El Capitan. Cheers again. I'd update to High Sierra on this old iMac, but it would kill my old MS-Office.

Oct 16, 2017 3:59 PM in response to North woods

No, other than turning off the WiFi on the AirPort router and connecting devices using wired Ethernet connections.

danuke

Level 3

873 points

Oct 18, 2017 3:55 PM in response to LaPastenague

oddly enough, Harvey displaced us to an apartment

Oct 28, 2017 10:24 PM in response to lkrupp

Well at least your being reasonable and polite with your answer.

lkrupp

Level 6

17,217 points

Oct 31, 2017 2:01 PM in response to lkrupp

macOS 10.13.1, tvOS 11.1, iOS 11.1, watchOS 4.1 out today with a fix for the KRACK hack.

Oct 31, 2017 2:05 PM in response to lkrupp

Many thanks, I, and many others, were seriously concerned. Good work on your part!!

Nov 1, 2017 4:21 PM in response to Bob Timmons

I believe an earlier post affirmed that the Airports and TimeCapsules were not vulnerable, but the client devices were at that time still vulnerable.

Nov 1, 2017 4:31 PM in response to Bob Timmons

Sorry I missed that. Thank you for the clarification. I have my various Airports and TimeCapsules all wired together, so I forget that some people connect them wirelessly.

Nov 14, 2017 5:35 AM in response to Bob Timmons

Or connect the second router to the first router with a network cable rather than WiFi.

krack hack patch