Each time it does so, it resets the "keystream" back to the starting conditions.
The obvious patch that device vendors will make is to only accept the first such packet it receives, ignore all the duplicates.
It's not always reliable, but reliable enough that people need to be afraid. Rather than simply replaying the packet, a packet with key data of all zeroes can be sent.
This allows attackers to setup a fake Wi Fi access-point and man-in-the-middle all traffic.
H-scenes are conspicuously absent, but we’ll probably patch again in April with more. Move decrypted files into game directory, overwrite when asked 4.
You'll need to continue doing this for several years.
Most security vendors will add things to their products/services to defend you. The defense is patching the devices you know about, and preventing vulnerable devices from attaching to your network. Aruba contains WIPS functionality, which means by the time DEF CON roles around again next year, they should have the feature to deny vulnerable devices from connecting, and specifically to detect an attack in progress and prevent further communication.
Other devices, like your Phillips lightbulbs, may not be so protected.
High-end access-points that contains "WIPS" (Wi Fi Intrusion Prevention Systems) features should be able to detect this and block vulnerable clients from connecting to the network (once the vendor upgrades the systems, of course).