WPA2 Vulnerability Patch Information

Date & Time

Saturday, December 30, 2017
Midnight to 12:15 AM
At Ubiquiti Networks we take security very seriously, and realize that it is of the utmost importance. Today, a vulnerability was ...........


One of the Fastest to Patch WPA2 Vulnerability Issue

At Ubiquiti Networks we take security very seriously, and realize that it is of the utmost importance. Today, a vulnerability was published about WPA2 encrypted networks, the most commonly recommended encryption method available to protect Wi-Fi devices. We have been working with Jouni Malinen, the original author of hostap, as well as other industry leaders in security, to roll out a stable UniFi firmware in time for the public disclosure. (For more information about the KRACK vulnerability, click here.) 

To ensure our customers are protected, we released firmware v.3.9.3.7537 for UniFi Access Points. This firmware resolves the vulnerability on any affected UniFi device and is available for download:

Model Firmware Link MD5 Checksum Link
UAP-AC-LITE
UAP-AC-LR
UAP-AC-PRO
UAP-AC-M
UAP-AC-M-PRO
UAP-AC-IW
UAP-AC-IW-PRO
Binary MD5
UAP-AC-HD
UAP-AC-SHD
Binary MD5
UAP
UAP-LR
UAP-Outdoor
UAP-Outdoor5
Binary MD5
UAP v2
UAP-LR v2
Binary MD5
UAP-PRO Binary MD5
UAP-Outdoor+ Binary MD5
UAP-IW Binary MD5

For instructions on how to upgrade your AP’s firmware, click here.

The following devices are not affected, so they do not require a firmware update:

UAP-AC
UAP-AC v2
UAP-AC-Outdoor

The changelog for firmware v3.9.3.7537 can be found HERE. This firmware has been pushed to all recent 5.6.x controller builds, as well as on our community blog. We will be rolling out to other controllers in the near future.

One of the Fastest to Patch WPA2 Vulnerability Issue

Notes

Please note that this vulnerability affects Wi-Fi client devices more specifically than access point devices, and we strongly encourage that all users check with the appropriate mobile device, laptop, and IoT manufacturers for firmware updates resolving the KRACK issue for their devices.

At this time, the beta feature 802.11r (“Fast Roaming” in the controller UI) is still vulnerable, so we recommend that you temporarily disable this feature. 802.11r has not been shown to improve roaming performance dramatically without full 802.11k support, so it is not recommended for multiple reasons. We are actively working on patching this, and it will be ready in the near future.

For continuing updates, click here.