West Virginia University Computer Security and Privacy Incident Reporting System
File An Incident Report Learn more about defending your data.Content on this website will be moved to the IT Help Center at it.wvu.edu/help on Sunday, May 19. If you cannot find an article you need, please call the ITS Service Desk at 304-293-4444.
Wireless Network patch scheduled for Oct 26 and Oct 27 to address KRACK vulnerability
A recently identified vulnerability, known as KRACK, in a WiFi core encryption protocol puts the majority of Wifi connections at risk. Vendors are working to release updates and patches to address the vulnerability. As patches are released and tested, the security patch should be applied to all network and personal devices.
HSC ITS will apply the security patch to the HSC wireless network (wvu.encryptped) to help protect our users from the KRACK attack. The patch will be applied Thursday, Oct 26, 5am – 5:10am to Morgantown/Eastern campuses and on Friday, Oct 27, 5am-5:10am, to the Charleston campus. No action from any wireless user is needed as devices will automatically reconnect when the wireless network is back online.
This vulnerability allows a skilled attacker, albeit requiring significant expertise and computing power, within proximity of the wireless link to replay packets from a client and eventually decrypt the communication.
All users should ensure personal smartphone devices are updated as security patches are released by the device vendor as some wifi networks may not be patched from this issue.
Please contact the HSC Help Desk if you have any questions at hsc_helpdesk@hsc.wvu.edu or 304.293.3631.