Windows Wi-Fi flaw confirmed
Date: January 18, 2006Source: searchsecurity.techtarget.com
By:
Mark "Simple Nomad" Loveless -- senior security researcher for Mountain View, Calif.-based Vernier Networks Inc.'s Vernier Threat Labs and a self-described hacker -- released details of the glitch last weekend at the ShmooCon 2006 hacker conference in Washington, D.C. In his written findings, Loveless said, "If a laptop connects to an ad hoc network it can later start beaconing the ad hoc network's SSID as its own ad- hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack."
The problem is essentially a configuration error that spreads virus-like from laptop to laptop, Loveless said in his written findings. In field tests, numerous ad hoc SSIDs such as "linksys," "dlink," "tmobile," "hpsetup" and others have been documented, he said.
A Microsoft spokesman said via e-mail Tuesday that the vendor investigated Loveless' findings and determined that "customers who have connected to an 'ad hoc' wireless network in the past that was not protected with wireless encryption could be lured into connecting to a malicious advertised 'ad hoc' wireless network under limited circumstances." But, he added, "Customers that are using a firewall and a fully updated system are at reduced risk from attack following this connection."
Customers can also neutralize the threat by configuring their systems to only connect to "infrastructure" networks in the advanced wireless configuration settings, the Microsoft spokesman said. "Due to the design of this feature," the spokesman added, "the most appropriate method for adjusting the default behavior is in a future service pack or update rollup."
Original article
Add comment
Email to a Friend
