1715

On October 16, 2017, the world learned of KRACK (or Key Reinstallation AttaCK).  KRACK targets the authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during an authentication process, and if attackers collect and intercept retransmissions, Wi-Fi security encryption can be broken – creating the possibility for a data breach.  For more information on the KRACK vulnerability, please visit the original discovery paper.

After undertaking an assessment of risk for our SecureDoc customers, WinMagic is advising that while KRACK does impact our pre-boot wireless support because SecureDoc uses standard Linux Wi-Fi drivers, the risk is mitigated by the fact that PBConnex runs an encrypted protocol on top. Nevertheless, WinMagic is working to provide additional protections in our upcoming SecureDoc 7.5 Service Release 1 (SR1).  7.5 SR1 will be available by November 07, 2017, and its availability will be communicated to customers at that time.  

SecureDoc customers using Pre-boot UEFI mode (PBU), or not using pre-boot WiFi networking, are not affected by this vulnerability.