Wireless Driver Vulnerabilities

There are a couple notes to pass along with regards to some pretty serious vulnerabilities in various wireless network adapter drivers. First, Sans has information on some Intel Centrino updates that resolve some vulnerabilities that would affect the Windows Centrino driver and the ProSet management software. F-secure chimes in on this noting that the download is a whopping 129MB.

If that’s not enough to raise your concern over the security of your driver installs…. Brian Krebs is reporting on the prospects of hijacking a macbook in 60 seconds. The exploit is possible due to a flaw in the wireless driver on the macbook. This is coming from a Black Hat presentation later today. They chose a Mac mainly because Mac users have a smug sense of invincibility and pointed out that they found similar flaws in other wireless chipset drivers.

Now, I know there will be quite a few people looking for the OFF switch for their wireless radio. (My preference is OFF by default and then switch ON when you choose to…)

If there is some good news in this, it is that of all the above issues, none seem to be in the process of being actively exploited. That much said, keep an eye out for driver updates for your wireless cards as they are certainly part of the “software stack” that could be exploited. The other lesson here is that NO system/OS is invulnerable. ALL OS’es need security updates to maintain a good security baseline.

Update – 9:49PM EDT–

The video of the presentation is now at the above link on hijacking a Macbook in 60 seconds. Of course it was taped so as not to give anyone at the conference a chance to sniff the wireless traffic and dissect what the attack specifically does. They’re trying to give the driver vendors the upper hand here.

Also, there’s more coverage here and likely will be a flood of coverage as many people discover that having their laptops with wireless on all the time is potentially a problem…. surprise…. This looks like the kind of big splash story that MAYBE can wake a few people up to the risks involved with wireless.

–update 8/3/06 11:30 AM EDT–

f-secure has an update with regards to the centrino driver download…. They’ve run into some problems with the update …

on one machine the toggling on/off of the Wi-Fi radio leads to a maximum connection time of 5 minutes. Booting with the radio on to begin with works fine.

Also in some cases the Intel Proset wireless manager forgets favorite networks and WEP/WPA keys.

I’ve also seen A LOT of people that are very skeptical of the claims made in the video. Some posting comments over on slashdot seem to think that they HAD to use a third party card with a THIRD PARTY driver to make it work. According to THIS security fix post it sounds as though the problem was not illustrated with the macbooks built in wireless due to pressure from Apple (Apple hadn’t addressed the issue yet.) According to the presenters the default Macbook wireless drivers ARE VULNERABLE TO THE SAME ISSUE. Also, it the concern over doing the presentation live is re-stated.

I think what comes across is that the point of the demonstration was that multiple wireless card driver sets arevulnerable to exploit. Typically drivers may not get the same kind of scrutiny that core OS software MAY get (or the kind of scrutiny server applications may get.)

Related Posts

Blog Traffic Exchange Related Posts
  • Windows updates for February could set record There could be a record number of vulnerabilities addressed next week when Microsoft releases an expected dozen updates for its Windows and Office products. (According to Brian Krebs at the Security Fix.) Tuesday February 13th is the date scheduled for the release of updates. One critical udpate will affect Microsoft's......
  • Remote tech support with anything - would I do it? I've tried to ask myself if I'd trust someone enough to let them run a remote session on my own desktop to solve a problem. I think the answer is "it depends". If you think about it, I do tech support for home users quite a bit and they let......
  • Microsoft fixes security fix.... Well, for the second month in a row (I don't recall one in March..) Microsoft has re-released a patch for Windows. This time it's the Flash patch (which really falls under 3rd party software). They've re-worked the version detection of the update in an attempt to solve all the problems......
Blog Traffic Exchange Related Websites
  • How to Install a Window Air Conditioner the Right Way As summer approaches, those of us without central air are getting ready to go through the annual ritual of installing our window air conditioners. However, were you aware that a bad installation can actually raise your electricity costs and make it harder to say cool? Here are some tips to......
  • Download Microsoft Windows 7 RC Hi Folks, Microsoft has released Windows 7 RC. Here's what you need to know: This is pre-release software, so please read the following to get an idea of the risks and key things you need to know before you try the RC. You don't need to rush to get the......
  • Steadfast Finances was Hacked, Now Restored. (Thanks HostGator!) Last week, several lines of "seemingly malicious code" found its way into SF's theme. This prompted Google, Firefox, Google Chrome and even Twitter, to quickly label this blog as a "Reported Attack Site". If you happened to visit SF from the RSS feed, the email subscriber list, or basically clicked......
PDF24    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

One Response to “Wireless Driver Vulnerabilities”

  1. Mac Wireless driver Security vulnerability revisited-- Avery J. Parker - Web site hosting and computer service Says:

    [...] A couple weeks ago the hot story was about the demonstration of a vulnerability in a 3rd party wireless card driver on a Mac. The individuals that demonstrated the vulnerability (in a video taped presentation) also claimed that many wireless drivers were vulnerable to this same flaw and it included the MacBook native drivers (among others.) There was immediate controversy over the fact it was a video demo. I thought their explanation for that was reasonable. (They didn’t want to give a room full of crackers a chance to sniff the wireless traffic and get TOO much detail on the exploit before vendors had a good chance to give updates.) Well… at this point it sounds like among other things, they have not yet demonstrated to Apple an effective use of this exploit against the wireless drivers on the macbook. [...]

Switch to our mobile site