Apple Patches KRACK Flaws in Boot Camp
12.7.2018 securityweek Apple
Apple has released an update for its Boot Camp utility to address vulnerabilities related to the wireless Key Reinstallation Attacks (KRACK) that were disclosed late last year.
A total of 10 KRACK vulnerabilities were disclosed in October 2017, all impacting the Wi-Fi standard itself and rendering all Wi-Fi Protected Access II (WPA2) protocol implementations vulnerable. The new type of attack also impacts industrial networking devices.
An attacker looking to exploit the vulnerabilities would need manipulate replay handshake messages to trick the victim into reinstalling an already-in-use key. An attacker within Wi-Fi range of a victim would then have access to information previously assumed to be safely encrypted.
Vendors raced to patch the flaws, and Apple themselves released a fist set of KRACK-related patches in October last year, for iOS, macOS, tvOS, and watchOS devices. The company also addressed the bugs in Apple Watch and AirPort Base Station Firmware.
Apple is now pushing a fix for Boot Camp, the multi-boot utility included in macOS that allows users install Microsoft Windows operating systems on Intel-based Macs.
With the release of a Wi-Fi Update for Boot Camp 6.4.0 last week, the Cupertino-based tech giant is addressing a total of three KRACK-released flaws, which are tracked as CVE-2017-13077, CVE-2017-13078, and CVE-2017-13080.
By targeting vulnerable devices, an attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients or in WPA multicast/GTK clients, Apple explains in an advisory.
The software update, the company explains, is available for a broad range of machines running Boot Camp, including MacBook (Late 2009 and later), MacBook Pro (Mid 2010 and later), MacBook Air (Late 2010 and later), Mac mini (Mid 2010 and later), iMac (Late 2009 and later), and Mac Pro (Mid 2010 and later).
“A logic issue existed in the handling of state transitions. This was addressed with improved state management,” Apple noted.