The thing is, once the detail of this vulnerability is in the public domain, someone will use it. Right now the odds are small that you will get hacked, but give it time. This is why WEP isn't (shouldn't be) used these days, because people knew how to hack it.
It is a question of doing the right thing, not playing the odds - IMHO
It's good to know. I know there is a limited attack surface since we need to be in physical range, but the exploit is known now; it won't be long before any Tom, Dick or Harry can download a dumb-proof GUI-based tool.
My Meraki AP was updated 2 days ago, think we need it sooner rather than later.
One fix for this problem might be to switch off your SuperHub's wifi (via its config page - http://192.168.0.1/ ) and connect a 3rd party KRACK patched wireless router to your superhub via an ethernet cable. You'll need to configure the additional router and set your KRACK patched wifi devices to use its WiFi. You may also need to configure port forwarding or switch the superhub into modem mode to allow remote connections to certain devices (e.g. NAS, some consoles etc). Given that there's no indication of a patch date coming out of Virgin, Netgear or Arris re SuperHub 2 and 3, this may be the only viable solution for those desperate to have a secure WiFi access point ASAP (that is, short of switching internet service providers).
However, it's probably worth mentioning that the vast majority of hardware manufacturers have seemingly been caught on the hop (despite being notified 2 months ago!). What's more, it's not just WiFi access points that need patching. It's the devices that connect to them too. Many are still working on patching the suite of KRACK vulnerabilities. The media has latched onto CVE-2017-13082, but there are several directly related vulnerabilities that need patching too:-
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
Also, I don't wish to be alarmist, but the notion that the KRACK vulnerabilities are proof of concept gets weaker by the day. The exploits are pretty well documented, so if there weren't people seeking to exploit them before, you can pretty much guarantee that there are now. And while it's true that the most likely targets for this exploit are businesses, can anyone really be sure that script kiddies won't simply be looking to exploit this vulnerability in target-rich, densely packed, urban environments? Never mind war-driving, can you trust everyone that lives and/or walks within your network's wifi radius?
I genuinely hope Virgin, Netgear and Arris patch these exploits ASAP. Disabling Fast Roaming and Meshing as a short term fix would be a really good start.