And it looks like we're all going to be reflashing a lot of devices.
"The proof-of-concept exploit is called KRACK, short for Key Reinstallation
Attacks. The research has been a closely guarded secret for weeks ahead of a
coordinated disclosure that's scheduled for 8 a.m. Monday, east coast time. An
advisory the US CERT recently distributed to about 100 organizations described
the research this way:
"US-CERT has become aware of several key management vulnerabilities in the
4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The
impact of exploiting these vulnerabilities includes decryption, packet replay,
TCP connection hijacking, HTTP content injection, and others. Note that as
protocol-level issues, most or all correct implementations of the standard will
be affected. The CERT/CC and the reporting researcher KU Leuven, will be
publicly disclosing these vulnerabilities on 16 October 2017."
Ubiquiti already has it patched in UniFi firmware release 3.9.3 (see forums for more detail, or I'll be doing a sticky post in /r/ubiquiti later). 3.8.15 for Broadcom based APs like the first gen UAP-AC and ACv2 should be soon from what I read.
Don't know about Airmax yet though.
So, any bets on the likelihood of consumer gear getting fixes or are we pretty much only expecting prosumer and higher to actually get fixed?