There are a couple notes to pass along with regards to some pretty serious vulnerabilities in various wireless network adapter drivers. First, Sans has information on some Intel Centrino updates that resolve some vulnerabilities that would affect the Windows Centrino driver and the ProSet management software. F-secure chimes in on this noting that the download is a whopping 129MB.
If that’s not enough to raise your concern over the security of your driver installs…. Brian Krebs is reporting on the prospects of hijacking a macbook in 60 seconds. The exploit is possible due to a flaw in the wireless driver on the macbook. This is coming from a Black Hat presentation later today. They chose a Mac mainly because Mac users have a smug sense of invincibility and pointed out that they found similar flaws in other wireless chipset drivers.
Now, I know there will be quite a few people looking for the OFF switch for their wireless radio. (My preference is OFF by default and then switch ON when you choose to…)
If there is some good news in this, it is that of all the above issues, none seem to be in the process of being actively exploited. That much said, keep an eye out for driver updates for your wireless cards as they are certainly part of the “software stack” that could be exploited. The other lesson here is that NO system/OS is invulnerable. ALL OS’es need security updates to maintain a good security baseline.
Update – 9:49PM EDT–
The video of the presentation is now at the above link on hijacking a Macbook in 60 seconds. Of course it was taped so as not to give anyone at the conference a chance to sniff the wireless traffic and dissect what the attack specifically does. They’re trying to give the driver vendors the upper hand here.
Also, there’s more coverage here and likely will be a flood of coverage as many people discover that having their laptops with wireless on all the time is potentially a problem…. surprise…. This looks like the kind of big splash story that MAYBE can wake a few people up to the risks involved with wireless.
–update 8/3/06 11:30 AM EDT–
f-secure has an update with regards to the centrino driver download…. They’ve run into some problems with the update …
on one machine the toggling on/off of the Wi-Fi radio leads to a maximum connection time of 5 minutes. Booting with the radio on to begin with works fine.
Also in some cases the Intel Proset wireless manager forgets favorite networks and WEP/WPA keys.
I’ve also seen A LOT of people that are very skeptical of the claims made in the video. Some posting comments over on slashdot seem to think that they HAD to use a third party card with a THIRD PARTY driver to make it work. According to THIS security fix post it sounds as though the problem was not illustrated with the macbooks built in wireless due to pressure from Apple (Apple hadn’t addressed the issue yet.) According to the presenters the default Macbook wireless drivers ARE VULNERABLE TO THE SAME ISSUE. Also, it the concern over doing the presentation live is re-stated.
I think what comes across is that the point of the demonstration was that multiple wireless card driver sets arevulnerable to exploit. Typically drivers may not get the same kind of scrutiny that core OS software MAY get (or the kind of scrutiny server applications may get.)
Related PostsRelated Posts
- Preventing the automatic update to Internet Explorer 7 Internet Explorer 7 is set to be released this month (October 2006) and it will likely be an automatic update for Windows users either November or December of this year. (I'm thinking November.) Now, it's been a long time in the making, at one point Microsoft said there wouldn't be......
- Fasten your seatbelts - Browser vulnerability a day to be announced in July I hope there aren't too many browser developers that have planned on taking July off..... I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This......
- Microsoft Update day for September.... AND Flash... AND Apple Yesterday, of course, Microsoft released it's monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn't quite a huge update day by recent standards, but here's the summary.... Incidents.org has a nice chart showing the two re-released patches (one is actually......
- Insuring a Hybrid Vehicle This post is a guest blog written by Travis Overby. Due to environmental concerns and the rising cost of fuel, more people are looking to buy or lease fuel-efficient vehicles. In recent years, the sales of hybrid vehicles have grown in leaps and bounds. Not only do hybrid vehicles decrease......
- Wireless HD Video Transmitter Receiver [/caption] If you hate messy cables and wired connections, you are into the right page. Yes, i am speaking about the Wireless HD video transmitter and receiver. Its the best choice, a product which cleans wired space on your home or office. When it comes to remoteness, there are not......
- Avoid 3 Newbie Blogger Mistakes I Made! Here are Three Newbie Blogger Mistakes You Should Avoid! So, you want to start promoting your book, short story or poems to the world? Blogging can be a great vehicle for promotional marketing, especially if it is set up correctly the first time. Don’t make the same three major mistakes......
- Mac Wireless driver Security vulnerability revisited
- Intel Proset Wireless update
- Apple Macbook pro and other wireless fixes
- Good wireless security post
- Microsoft moving display drivers outside the kernel