Skip to main content

These are the router makers that have patched KRACK WPA2 Wi-Fi flaws

An exploit that has taken the "protected" out of Wi-Fi Protected Access II (WPA2) means that your wireless network is likely not as safe as you once thought. What security researcher Mathy Vanhoef is calling "KRACK" attacks the handshake portion of the WPA2 protocol. Mobile Nations Senior Editor Jerry Hildenbrand put together a comprehensive guide on exactly how the exploit works and how you can protect yourself, also mentioning some information on patches containing a fix. To help you stay on top of which vendors are patching the vulnerability, we rounded them up here.

Router vendors that have issued KRACK patches

As mentioned in Hildenbrand's article, the best way to protect yourself from this exploit is to not use Wi-Fi at all until a proper fix has been proven. CERT has released notes on the KRACK problem, including a list of vendors whose equipment is vulnerable.

Some security-minded companies have already worked on fixes and are offering patches for both client and router. Check back often, as we will keep this list updated.

There are also a number of vendors listed as "Not affected" on the CERT website without further explanation from the vendors themselves. These include:

Furthermore, some companies have posted bulletins regarding their products that weren't affected.

Last updated: October 20, 2017, 12:21 pm EDT

Cale Hunt is a staff writer at Mobile Nations. He focuses mainly on PC, laptop, and accessory coverage, as well as the emerging world of VR. He is an avid PC gamer and multi-platform user, and spends most of his time either tinkering with or writing about tech.
  • Any word on Google WIFI?
  • Yeah, that's why it's on the list...
  • What list? Their not on the patched list
  • I smell drug use.
  • Google is working on patching that and your unit(s) will auto-update when the patch goes live.
  • Source? Things like this are why I like the idea of a cloud connected router, so I would like to know that the company that makes mine (Google in this case) are actually working to patch these security issues.
  • Exactly. Where's the statement? Further, this needs to be pushed to every Android device. Patching a router is a half measure. Your phone is still vulnerable at every coffee shop or work place network.
  • Jerry's article on KRACK was updated with a statement from Google that said as much.
  • Thanks. Things like this are why security updates have steadily moved up on my list of important features for phones.
  • Google WiFi was only vulnerable to the KRACK exploit when in WiFi recovery mode (so not vulnerable during normal operation), but they patched the recovery mode vulnerability on 2017-11-27.
  • looks sad, we can't see major router manufacturers in this list
  • Who is the vendor for the xfinity routers?
  • Not a chance you'll get patched! Download all the movies and music you want because now you have an out!
  • I'm sure they'll patch it. It's not Xfinity, it's the manufacturer. Too many customers to leave at risk
  • SMC
  • The one I have is by Arris. There should be branding on yours on bottom or in back.
  • arris? motorola?
  • I believe Motorola or Arris, depending on what type of router you have.
  • Anything from Apple yet?
  • Yep. Don't you see it up there in the list??...?
  • Please quit posting nonsense
  • Tell that to the people posting stupid questions.
  • Yeah, because someone asking if any info is available about a specific brand that's not listed in the text is stupid, right?
  • They're not asking if it's DONE, they're asking if there's INFORMATION. As in, have they made a statement yet? Indicated when it will be available? Acknowledged the problem and that they're working on it?
  • Don't be an ah
  • They're marked "unknown" if they are affected or not on CERT's website.
  • I have WiFI disabled on my AT&T modem they provide. I use 2 Asus routers on my set up, but wasn't aware of this issue till today
  • Most xfinity routers are Motorola
  • des anyone know what make the routers are from ee
  • Netgear is on it. My WNDR3400v3 is fixed.
  • But it's still a WNDR3400v3 unfortunately.
    I've got one of those in my junk drawer.
    Won't give it to friends. That would be mean.
  • Everything I'm seeing says it is the DEVICE that needs to be patched, not the Router.
  • I would imagine either or both ends need it.
  • Well, you're both right. Part of the exploit is in the 802.11r standard for Fast Transition roaming (mostly Apple devices support this) and this is the only part that can be patched on the router or wireless controller/AP. The other parts (of which there are 7 according to Cisco's PSIRT) are all client related and must be patched on the client's. Linux, and by extension Android, are especially easy to perform this exploit on because interrupting the 4-way handshake that initiates the encryption causes the client to reset the encryption key to all zeros. TL,DR: Both the client and the router/AP must be patched...
  • Mojo/Airtight have sent an OTA patch.
  • any idea about the tmo asus router? i cant find any info
  • Asus i still on the unknown list, but this is the latest firmware dated September 8th. I assume they will path if affected.
  • Check that, the T-Mobile branded router has a different firmware. We have to wait for T-Mo to update. TM-AC1900 is the model number.
  • yup....thats what i was afraid of....i have the tmo one....
  • Is there something special about the t-mobile version? What happens if you just update it manually with the Asus version or is it locked somehow?
  • from what i understand, the tmo version is locked and can not be manually updated. probably has something to do with whatever tweaks tmo required due to the router being used for wifi calling.
  • According to the below the problem is when a device connects as a client. Most routers are configured to act as a central connection point, which the krack seems to not effect. It seems like it's our phones and other smart devices that connect as a client that needs fixing.
  • Ubiquit announced that their consumer product AmpliFi has also been patched effective yesterday:
  • Good news, I've developed a universal solution for the issue. I call it the Asymmetric System Solver KRACK or A.S.S Krack. If anyone wants to see my 'code', let me know
  • I am not sure. I'm not too worried about it though. The patch will get installed when it is ready.
  • I am enabling all my devices (Android and Windows 10 PCs ) with a VPN tunnel to stop my devices from being hacked. I thought a lot of the KRACK issues were with the wireless devices themselves and not the router per say. Correct me if I'm wrong.
  • Plume's KRACK FAQ
  • Do these companies auto update the routers or do I need to manually load the patch?
  • From my experience you can just log into your router and check for updates. It will download and install, but it's manual. Won't automatically do it without your input.
  • doe anyone know what make the routers are that ee uses
  • Can we clarify things? My ROUTER doesn't have wifi turned on since I use Google Wifi. From what I read it would appear that my ROUTER doesn't need a patch. Correct? Is it me or does the press simply lump ROUTER and wifi access point together and think that they are the same thing?
  • I think what you're referring to as your router is actually your modem. Your modem handles shuttling traffic between inside your network and the internet outside. Sometimes (like a Comcast modem+WiFi access point) the modem also acts as a router for multiple devices, but since you only use the device to connect via Ethernet to your Google WiFi, it is not providing routing for your home network. In your case, your Google WiFi is your router (and it is also your wireless access point). A router basically coordinates all of your internet-connected devices' traffic and assigns internal IP addresses to each of those devices. As a bonus, a "switch" allows you to plug in even more devices to the network, usually 5 or 10, and then it sends all of their traffic back to the router, which again, will assign each of those devices its own IP address. A switch is basically equivalent to a power strip that allows you to plug 6 things into a single outlet on the wall.
  • So Linksys is neither affected or unknown?
  • Linksys claims they have patched most of the WRT models and about half of the EA ones.
  • No Asus, nice.
  • If you only use your home wifi I would think your chances of having an issue are pretty slim. Then once the patches come out,,,,,,:)
    It's coffee shop wifi I'd be concerned about as always
  • Use a VPN
  • No TP-Link there I see.
  • Not sure why Apple is on this list when their precious AirPort Extreme hasn't received a firmware upgrade and only,the betas of iOS have a fix. Maybe this is an apple conspiracy to get people,to,upgrade to,the buggy and battery draining iOS 11.