Apple is working on a fix to roll out as soon as possible to all its users. They've stated that there is a fix for this vulnerability in the beta versions, but that the fix is not in the latest update you have on your device.
So, what can you do?
Don't connect to Wi-Fi at hotels, coffee shops, or anywhere outside your place of business or home. Even at your house or area of work use a VPN.
Wait, even at my house?
Yes. Essentially the attacker can read all the information that is being transmitted wirelessly throughout your home. That said, if you use a VPN you're making an encrypted tunnel around the information you're sending and not relying on the WPA2 protocol that should keep your data safe. So, even if the attacker is looking at the data on your home network, the VPN is making it unreadable.
Also, if you're out and about, please turn off the Wi-Fi capability on your iPhone or iPad. By turning off the Wi-Fi, you're making your iPhone or iPad solely dependent upon cellular data, which is not susceptible to this attack.
Where can I get a VPN?
I use Encypt.me because it's fast, simple, relatively cheap, and works on all of my devices without In-app purchases. However, there are free VPNs that you can grab out on the web or the App Store, but most have In-app advertising or In-app purchases.
Lastly, there is a question of whether or not Apple is going to update their routers because they plan to send out patches to their devices through the updates component. In short, nobody knows, but it doesn't hurt to check the settings on your Apple router to make sure you get the update if they decide to push one out.
Here's how to do that:
1) Open up Spotlight and type in "AirPort Utility."
2) In the upper left hand corner click the bolded name "AirPort Utility" and scroll down to select "Preferences."
3) Checkmark these boxes:
a) "Check for updates when opening AirPort Utility
b) "Check for updates automatically (select "Daily" from the drop-down box)
That's it everyone! I'll send out another post when the updates for Apple devices are available. Take care.
It appears that a security update for the CVE-2019-1402 vulnerability in each version of Microsoft Office causes this error. Here is the list of Office security updates that you can uninstall.
Office 2010: Description of the security update for Office 2010: November 12, 2019 (KB4484127)
Office 2013: Description of the security update for Office 2013: November 12, 2019 (KB4484119)
Office 2016: Description of the security update for Office 2016: November 12, 2019 (KB4484113)