Last week, Microsoft released an update ‘Windows 10 Cumulative Update KB4041676‘. Guess what was also included within this… Yup! The Patch for the Krack Vulnerability. At this time the KRACK vulnerability that was not publicly disclosed, until Monday, October 16 2017.
Very slick move on the part of Microsoft slipping this in to protect its customers against such a threat. For those who dig deep into the updates notes would have arrived at Microsoft’s Security TechCenter post which reads.
“A spoofing vulnerability exists in the Windows implementation of wireless networking. An attacker who successfully exploited this vulnerability could potentially replay broadcast and/or multicast traffic to hosts on a WPA or WPA 2-protected wireless network.”
For the post and affected Microsoft products:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080