Intel's Centrino gear vulnerable to attack

By Edmund X. DeJesus, Contributor 02 Aug 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Because of the potential of remote execution of arbitrary code, antivirus firms believe the possibility exists that the flaws could spawn a malicious wireless worm. This would infect a given system, then spread by wireless network to other systems.

The first vulnerability involves memory corruption while parsing certain frames. Attackers within range of a vulnerable system could potentially execute arbitrary code on the target system with kernel-level privileges. The Bethedsa, Md.-based SANS Internet Storm Center regards this vulnerability as extremely serious. It affects drivers for the Intel 2200BG and 2915ABG PRO/Wireless Network Connection hardware.

The second vulnerability involves insecure usage of shared memory in the PROSet/Wireless Software application. Attackers with access to the target system -- or controlling malicious software installed on the target system -- could potentially obtain access to wireless network security information, such as a WLAN pre-shared WEP key. This vulnerability has been known since May 2006. SANS dubbed this vulnerability as less severe than the other vulnerabilities because it cannot be exploited remotely. The vulnerability affects PROSet software for the Intel PRO/Wireless 2100, 2200BG, 2915ABG, and 3945ABG Network Connection hardware. Applications using the Intel PRO/Wireless Network Connection Software API are also affected.

The third vulnerability involves memory corruption while handling requests for capabilities from higher-level protocol drivers or user-level applications. Attackers could potentially obtain kernel-level privileges on the target system. SANS regards this vulnerability as extremely serious. It affects drivers for Intel PRO/Wireless 2100 Network Connection hardware.

All vulnerabilities only affect users of Microsoft Windows. In a release on its Web site, anti-malware vendor Sophos plc said it has not yet observed any attacks that make use of this exploit.

Santa Clara, Calif.-based Intel has published a tool that helps determine if a system is running affected hardware. Intel has also provided generic upgrades to the software that fixes these vulnerabilities. However, Intel suggests that users of affected systems should consult their vendors for the correct upgrades, because some vendors provide their own versions of the software.

Edmund X. DeJesus is a freelance technical writer in Norwood, Mass.

Tags: Handheld and Mobile Device Security Best Practices,  Smartphone and PDA Viruses and Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Handheld and Mobile Device Security Best Practices Screencast: Find rogue wireless acess points with Vistumbler Secure your remote users in 2010 Researchers find thousands of flawed embedded devices Best Mobile Data Security Products Should Windows Mobile updates come from Microsoft? MMS messaging spoof hack could have global ramifications How to prevent mobile phone spying Unified communications: Securing a converged infrastructure RIM patches serious BlackBerry Attachment Service flaws How secure are iPhone App Store mobile applications? Handheld and Mobile Device Security Best Practices Research Smartphone and PDA Viruses and Threats How do hackers bypass a code signing procedure to inject malware iPhone worm Rickrolls jailbroken phones US-CERT warns of BlackBerry snooping software Mini guide: How to remove and prevent Trojans, malware and spyware SMS attacks against BlackBerry certificate flaw possible MMS messaging spoof hack could have global ramifications Unified communications: Securing a converged infrastructure RIM patches serious BlackBerry Attachment Service flaws Latest Apple iPhone features prompt security concerns SMS mobile worm attacks Symbian smartphones

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary