When a vulnerability, an attacker could take advantage of it to steal information or compromise a device. In this case it is a new fault that affects the Wi-Fi IEEE 802.11 protocol. It basically allows an attacker to trick access points, such as a router, into leaking information in plain text. This can endanger the privacy of users, so it should be corrected as soon as possible.
A flaw in the IEEE 802.11 WiFi protocol exposes browsing data
It specifically affects the WiFi frames. It is information that has data such as the source and destination MAC address, as well as control and management data. They serve for orderly transmission and avoid problems when exchanging data and monitoring access points.
What a group of security researchers has now discovered is that these frames are not properly protected. An attacker could exploit them, manage to manipulate the transmission of data and impersonate the identity of the device that acts as a client. It could even cause frames to be redirected and capture requests.
Affects wide variety of operating systems, such as Linux, FreeBSD, iOS or Android. They could even intercept the victim’s web traffic. This comes from a defect in the power saving function. It is something that includes the IEEE 802.11 standard so that devices using WiFi save energy by queuing those frames destined for inactive devices.
The attacker could spoof MAC address from any device on the network and thus send energy saving frames to the access points. With this, it manages to put those frames in a queue and later requests activation. But the problem with everything is that the exchange of frames, instead of being encrypted, is transmitted in plain text.
Security researchers have managed exploit this bug through a tool they have created. They have been able to intercept web traffic. There is a list of affected brands, including Lancom, Aruba, Cisco, Asus and D-Link. But these attacks could also be used to inject malicious content such as JavaScript into TCP packets and exploit bugs in the browser, for example.
However, since most traffic today is encrypted, the actual impact of this vulnerability would be limited. There are really few web pages today that work over HTTP, which means that they are not encrypted and in the event of vulnerabilities of this type or browsing public networks, your data could be at risk.
Keeping everything updated is essential
Failures like this that we have seen can happen at any time. It is not the only one there has been and, unfortunately, it will not be the last either. At the user level, what we can do is keep everything updated. It is essential to have the operating system with the latest versionsbut also the browser, the network card drivers or any program.
In addition, updating the router is essential to avoid many problems. Not only will you make the connection more stable, but you will prevent many computer attacks that could compromise your devices. Some routers update automatically, while others you will have to do it manually. This will help you avoid typical router problems.
In short, as you can see there is a new bug that can affect certain devices over WiFi. Although it is an unlikely type of attack to occur, it is to be hoped that they will release patches to correct the problem. Make sure that you always browse HTTPS encrypted websites and that you have your router and any devices properly updated.
