Skip to main content

Millions of Amazon Echos, Kindles Vulnerable to Wi-Fi Attack: What to Do Now

A first-generation Amazon Echo device.
(Image credit: amedley/Shutterstock)

If you've got a first-generation Amazon Echo or an eighth-generation Amazon Kindle, and millions of people may, make sure your device software is up to date. 

That's because unpatched devices are susceptible to the two-year-old KRACK attack, which could let others break into your Wi-Fi transmissions, disable your router and even steal your passwords.

The flaws in the Echo and Kindle were found by ESET researchers a year ago, and Amazon pushed out fixes to the devices a few months later. ESET released a report on its Amazon research and findings today (Oct. 17).

Both Echo devices and Kindles are supposed to automatically update themselves, but they might not if you or someone else has changed the settings.

How to update your Echo or Kindle

To make sure your Echo is up-to-date, select Devices in the Alexa mobile app, select each Echo, then select About. 

As of today (Oct. 17, 2019), the latest software version for first-generation Echos is 641571120. If it's not, then make sure the Echo has a working internet connection and either restart it or tell it "Check for updates."

It's not always easy to tell one generation of Kindles from the next, but Amazon has a detailed guide to different Kindles on its website. 

The eighth-generation Kindles were released in July 2016 and have a touchscreen and an adjustable screen light, but no physical buttons on the front. The eighth-generation Kindle Oasis was released in May 2016 and does have physical buttons on the front. 

Both models should be on software version 5.12.2. If not, update the software by clicking here from a regular eighth-generation Kindle, and here from an eighth-generation Kindle Oasis.