Found this memo from the Internet of Things Department:
As long as you are updating your routers...
KRACK Fixes - the key reinstallation attack is a devastating flaw in Wi-Fi’s WPA security protocol makes it possible for attackers to eavesdrop on your data when you connect to Wi-Fi. Dubbed KRACK, the issue affects the Wi-Fi protocol itself—not specific products or implementations—and “works against all modern protected Wi-Fi networks,” according to Mathy Vanhoef, the researcher that discovered it. That means that if your device uses Wi-Fi, KRACK likely impacts it. Fortunately, major tech companies are moving quickly to patch the issue.
The attacker can eavesdrop on all traffic you send over the network. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on."
Newer phones running Android 6.0 or later are actually more at risk since there is an existing vulnerability in the code that compounds the issue and makes it easier to “intercept and manipulate traffic.” Patches started rolling out on Nov. 6th for Pixel and Nexus devices but it could take weeks or even months for Android hardware makers and cellular providers to validate and deploy the patch to other phones and tablets. Many devices, especially older ones, may never receive the update.
Other devices that can leave your network wide open if not patched include:
Wemo Switch
Wemo Motion Sensor
Wemo Light Switch
Wemo Link
Wemo Insight
Wemo Dimmer Released 2/6/18: firmware 2.00.11036
Wemo Mini
Wemo Slow Cooker
Wemo Humidifier
Wemo Coffee Maker
Wemo Heater
Wemo Netcam HD+
Wemo Netcam Night Vision