|What You Need To Know?
|A researcher released a description and proof of concept code that takes advantage of a previously-unknown flaw in WPA2. In some very limited situations WPA2 will re-use encryption keys which allows attackers to read unencrypted network traffic. This attack is not easy to use and attackers must be within reception distance of the wireless network. Because this is a defect in WPA2 itself it potentially affects all WiFi devices that support WPA2. Patches for all major operating systems are available or will be available shortly.
|What is Xerox Doing About This?
|The majority of Xerox devices that support WiFi connections do so via an optional external adapter. Xerox partners with third party companies to supply these adapters. Xerox is collecting information from its partners regarding whether or not they are vulnerable and what the next steps should be. For Xerox devices that have WiFi built-in, patches will be made available.
|Attackers taking advantage of this WPA2 flaw can only read unencrypted network traffic. Traffic over encrypted protocols such as HTTPS cannot be read.