Wi-Fi Security protocol Key Re-installation Attack (KRACK): Impact Status on Dell Products

Dell is aware of the vulnerabilities affecting the Wireless Protected Access II (WPA2) protocol that can be exploited through key reinstallation attacks External Link (KRACK). The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track these vulnerabilities:

CVE-2017-13077 External Link - Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake

CVE-2017-13078 External Link - Reinstallation of the group key (GTK) in the 4-way handshake

CVE-2017-13079 External Link - Reinstallation of the integrity group key (IGTK) in the 4-way handshake

CVE-2017-13080 External Link - Reinstallation of the group key (GTK) in the group key handshake

CVE-2017-13081 External Link - Reinstallation of the integrity group key (IGTK) in the group key handshake

CVE-2017-13082 External Link - Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it

CVE-2017-13084 External Link - Reinstallation of the STK key in the PeerKey handshake

CVE-2017-13086 External Link - Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake

CVE-2017-13087 External Link - Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

CVE-2017-13088 External Link - Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

Dell is investigating this issue to identify potential product impacts and will update this article with information as it becomes available, with impacted products and remediation steps. Please refer to the Patch Guidance section for details on patches published by Operating System vendors.

Key Re-installation Attack vulnerability (KRACK)

OS Patch Guidance:

Microsoft Windows: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
Ubuntu - https://usn.ubuntu.com/usn/usn-3455-1/
RHEL - https://access.redhat.com/security/vulnerabilities/kracks
Neokylin OS- For Neokylin Linux OS updates please follow their official WeChat account, 中标软件支持服务

References:

Research paper entitled "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2": https://papers.mathyvanhoef.com/ccs2017.pdf
Research website: https://www.krackattacks.com/
CERT/CC Vulnerability Note VU#228519: https://www.kb.cert.org/vuls/id/228519
Wi-Fi Alliance Security Update: https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update

For status of Dell EMC products, browse to: https://support.emc.com/kb/511474

For status of RSA products, browse to: https://community.rsa.com/docs/DOC-84103

Dell Products Affected:

Dell Consumer and Commercial Client Systems

Dell Client computers (Dell Precision, Latitude, OptiPlex, Inspiron, Vostro, XPS, Alienware) use a variety of wireless network adapters and the resolution will vary by manufacturer.

To get a concise list of the drivers available for the wireless network adapter installed in your Dell computer, refer to the Dell Knowledge Base article Drivers and Downloads FAQs .

Note: This article provides information on how to automatically determine the Service Tag of your computer which is needed to provide you the specific drivers for your Dell computer.

The affected wireless cards and expected dates for the remedy are as follows:

Broadcom – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.

Dell Wireless 1820 WiFi
Dell Wireless 1830 WiFi

Intel – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.

Intel® Dual Band Wireless-AC 3160
Intel® Dual Band Wireless-AC 3165
Intel® Dual Band Wireless-AC 7260
Intel® Dual Band Wireless-AC 7265
Intel® Dual Band Wireless-AC 8260/8265

Qualcomm – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.

Qualcomm QCA9377 (DW1810) / QCA61x4A (DW1820) / QCA6174A-XR

Killer Wireless – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.

Killer Wireless 1435
Killer Wireless 1435-S
Killer Wireless 1535

Realtek – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.

Dell Wireless 1801

The affected Dell printers and expected dates for the remedy are as follows:

Product	Firmware Update (or greater)
Dell Color Multifunction Printer E525w	A07
Dell Color Cloud Multifunction Printer \| H825cdw	A07
Dell Multifunction Printer \| E515dw	A04
Dell Multifunction Printer \| E514dw	A04
Dell Cloud Multifunction Printer \| H815dw	A06
Dell Color Cloud Multifunction Printer \| H625cdw	A07
Dell Printer \| E310dw	A04
Dell C3765dnf Multifunction Color Laser Printer	A14
Dell C1760nw Color Printer	A03
Dell C2660dn Color Laser Printer	A05
Dell C3760n Laser Printer	A10
Dell C3760dn Laser Printer	A10
Dell Color Smart Multifunction Printer \| S3845cdn	A04
Dell Color Smart Printer \| S3840cdn	A04
Dell B2375dfw MFP	A06
Dell B1165nfw MFP	A04
Dell B1160w Printer	A06
Dell B1265dfw MFP	A03
Dell Smart Printer \| S2830dn	A01
Dell Smart Printer \| S5830dn	A02
Dell Color Smart Printer \| S5840cdn	A04
Dell B5460dn Laser Printer	A11
Dell B5465dnf Multifunction Laser Printer	A10
Dell B2360d Laser Printer	A11
Dell B2360dn Laser Printer	A11
Dell B3460dn Laser Printer	A11
Dell B3465dn Laser Printer	A11
Dell B3465dnf Laser Printer	A11

Update 02/21/2018

These patches may also include the firmware component of the Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method Advisory (INTEL-SA-00088), please refer to the Dell Knowledge Base for complete details on Dell PCs and Thin Client.

Per Intel’s guidance on January 22nd External Link , Dell removed all BIOS updates from our support pages marked as "Suspended Release" while Intel conducted root cause analysis for reported reboot issues and unpredictable system behavior.

Starting February 8th External Link , Dell has made available previously-removed BIOS updates for various CPUs. As Intel continues to provide production microcode for other processor generations, Dell will release BIOS updates for the listed affected platforms.

All customers with an affected platform should download the latest BIOS update listed below.

Model Name	Supported OS	MS Patch Update	WiFi Driver Update	BIOS Update	Image Update
Wyse 3020 thin client	Xenith, ThinOS	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 3030 thin client	Windows Embedded Standard 7	Available	18.33.9.3	n/a	n/a
Wyse 3030 LT thin client	ThinOS	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 3030 LT thin client	ThinLinux 1.x (SLES)	n/a	n/a	n/a	1.0.7
Wyse 3040 thin client	ThinOS	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 3040 thin client	ThinLinux 1.x (SLES)	n/a	n/a	n/a	1.0.7.1
Wyse 5010 thin client	Xenith, ThinOS, ThinOS (PcIP)	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 5010 thin client	Windows Embedded Standard 7	Available	18.33.9.3	n/a	n/a
Wyse 5010 thin client	Windows Embedded Standard 7 Premium	Available	18.33.9.3	n/a	n/a
Wyse 5010 thin client	Windows Embedded 8 Standard	Available	n/a*	n/a	n/a
Wyse 5020 thin client	ThinLinux 1.x (SLES)	n/a	n/a	n/a	1.0.7
Wyse 5020 thin client	Windows Embedded Standard 7	Available	18.33.9.3	n/a	n/a
Wyse 5020 thin client	Windows Embedded Standard 7 Premium	Available	18.33.9.3	n/a	n/a
Wyse 5020 thin client	Windows Embedded 8 Standard	Available	n/a*	n/a	n/a
Wyse 5020 thin client	WIE10 TH	Available	18.33.9.3	n/a	n/a
Wyse 5040 AIO	ThinOS	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 5040 AIO thin client with PCoIP	ThinOS	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 5060 thin client	Windows Embedded Standard 7 Premium	Available	19.10.9.2	n/a	n/a
Wyse 5060 thin client	WIE10 RS	Available	19.10.9.2	n/a	n/a
Wyse 5060 thin client	ThinLinux 1.x (SLES)	n/a	n/a	n/a	1.0.7
Wyse 7010 thin client	ThinOS	n/a	n/a	n/a	For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later.
Wyse 7010 thin client	Windows Embedded Standard 7	Available	18.33.9.3	n/a	n/a
Wyse 7010 thin client	Windows Embedded Standard 7 Premium	Available	18.33.9.3	n/a	n/a
Wyse 7010 thin client	Windows Embedded 8 Standard	Available	n/a*	n/a	n/a
Wyse 7020 thin client	Windows Embedded Standard 7	Available	18.33.9.3	n/a	n/a
Wyse 7020 thin client	ThinLinux 1.x (SLES)	n/a	n/a	n/a	1.0.7
Wyse 7020 thin client	Windows Embedded Standard 7 Premium	Available	18.33.9.3	n/a	n/a
Wyse 7020 thin client	Windows Embedded 8 Standard	Available	n/a*	n/a	n/a
Wyse 7020 thin client	WIE10 TH	Available	18.33.9.3	n/a	n/a
Latitude 3460 mobile thin client	Windows Embedded Standard 7 Premium	Available	19.10.10.2	A13	n/a
Latitude E7270 mobile thin client	Windows Embedded Standard 7 Premium	Available	19.10.10.2	1.18.5	n/a
Latitude 3480 mobile thin client	WIE10 RS	Available	20.10.1.3	1.6.1	n/a
Latitude 5280 mobile thin client	WIE10 RS	Available	12.0.0.448	1.8.2	n/a

*Wyse 5010, 5020, 7010 and 7020 with WE8S. There is no planned update for WE8S because those versions are no longer supported by the chipset vendor.

Note: Please read the Update note above for more information about systems marked with "Suspended Release".

Client Products with Intel® Active Management Technology (AMT)
The systems below are affected and can receive patched Intel® Management Engine Firmware either via stand-alone Windows-compatible update utility (MEFW Update) or integrated in Dell BIOS release (BIOS Update). Dates in this list are estimates provided for customer planning purposes and will be updated with links to downloadable packages when available.
These patches also includes the firmware component of the Intel ME/TXE Advisory (INTEL-SA-00086), please refer to the Dell Knowledge Base on the Intel ME/TXE advisory for complete details.
Product	Intel® Management Engine Firmware Update (MEFW Update) or BIOS Update
Embedded Box PC 5000	1.4.2
Enterprise Server T20	A16
Enterprise Server T30	1.0.12
Inspiron 23 (5348)	A10
Latitude 5175	1.0.29
Latitude 5179	1.0.29
Latitude 5280	Corp_LP_11.8.50.3425
Latitude 5285	1.3.4
Latitude 5288	Corp_LP_11.8.50.3425
Latitude 5289	1.10.2
Latitude 5404	A15
Latitude 5414	1.15.0
Latitude 5480	Corp_H_11.8.50.3425
Latitude 5488	Corp_LP_11.8.50.3425
Latitude 5580	Corp_H_11.8.50.3425
Latitude 7202	A19
Latitude 7204	A13
Latitude 7212	1.9.0
Latitude 7214	1.15.0
Latitude 7275	1.1.34
Latitude 7280	1.8.2
Latitude 7285	1.1.3
Latitude 7350	A16
Latitude 7370	1.15.3
Latitude 7380	1.8.2
Latitude 7389	1.10.2
Latitude 7404	A14
Latitude 7414	1.15.0
Latitude 7480	1.8.2
Latitude E5250	A19
Latitude E5270	1.18.6
Latitude E5430	A20
Latitude E5430 vPro	A20
Latitude E5440	A21
Latitude E5450	A19
Latitude E5470	1.18.6
Latitude E5530	A20
Latitude E5530 vPro	A21
Latitude E5540	A21
Latitude E5550	A19
Latitude E5570	1.18.6
Latitude E6230	A19
Latitude E6330	A20
Latitude E6430	A22
Latitude E6430 ATG	A22
Latitude E6430S	A20
Latitude E6430U	A14
Latitude E6440	A21
Latitude E6440 ATG	A21
Latitude E6530	A21
Latitude E6540	A24
Latitude E7240	A24
Latitude E7250	A19
Latitude E7270	1.18.5
Latitude E7440	A25
Latitude E7450	A19
Latitude E7470	1.18.5
OptiPlex 3050	1.7.4
OptiPlex 3050 AIO	Corp_H_11.8.50.3425
OptiPlex 5040	1.8.1
OptiPlex 5050	1.7.4
OptiPlex 5250	Corp_H_11.8.50.3425
OptiPlex 7010	A26
OptiPlex 7020	A15
OptiPlex 7040	1.8.1
OptiPlex 7050	Corp_H_11.8.50.3425
OptiPlex 7440 AIO	1.8.6
OptiPlex 7450	Corp_H_11.8.50.3425
OptiPlex 9010	A29
OptiPlex 9010 AIO	A23
OptiPlex 9020	A22
OptiPlex 9020 AIO	A17
OptiPlex 9020M	A16
OptiPlex 9030	A19
OptiPlex XE2	A22
Precision 3420 Tower	Corp_H_11.8.50.3425
Precision 3510	1.18.6
Precision 3520	Corp_H_11.8.50.3425
Precision 3620 Tower	Corp_H_11.8.50.3425
Precision 5510	1.6.1
Precision 5520	1.6.2
Precision 5720 AIO	2.3.6
Precision 5810 Tower	A25
Precision 5810 XL Tower	A25
Precision 5820 XL Tower	1.1.3
Precision 7510	1.15.4
Precision 7520	1.9.1
Precision 7710	1.15.4
Precision 7720	1.9.1
Precision 7810 Tower	A25
Precision 7810 XL Tower	A25
Precision 7820 Tower	1.3.3
Precision 7910 Tower	A25
Precision 7910 XL Tower	A25
Precision 7920 Tower	1.3.3
Precision M2800	A14
Precision M4700	A18
Precision M4800	A23
Precision M6700	A19
Precision M6800	A23
Precision R7610	A16
Precision Rack 7910	2.7.1
Precision T1650	A27
Precision T1700	A25
Precision T3610	A16
Precision T5610	A16
Precision T7610	A16
Venue 11 Pro (7130)	A25
Venue 11 Pro (7140)	A15
Vostro 23 (3340)	A08
XPS 12 (9250)	1.1.34
XPS 13 (9343)	A15
XPS 13 (9360)	2.5.1
XPS 13 2-in-1 (9365)	In Process
XPS 15 (9550)	1.6.1
XPS 15 (9560)	1.7.1
XPS 27 AIO (7760)	2.3.6

Wireless Networking, Latitude E7270 mobile thin client, Latitude 3460 mobile thin client, Wyse 3020 Thin / Zero Client, Wyse 3030 Thin Client, Wyse 3030 LT Thin Client, Wyse 3040 Thin Client, Latitude 3480 mobile thin client , Wyse 5010 Thin Clients / D10D/D10DP/D90D7, Wyse 5020 Thin Client, Wyse 5040 AIO Thin Client, Wyse 5060 Thin Client, Wyse 5070 Thin Client, Latitude 5280 mobile thin client, Wyse 7020 Thin Client, Wyse 7010 Thin Client / Z90D7 ...

Wi-Fi Security protocol Key Re-installation Attack (KRACK): Impact Status on Dell Products