Security Flaw Could Ground Wi-Fi Users

No Internet connection needed to be at risk from this bug, security researchers warn.
Posted November 14, 2006

Ed Sutherland

Wi-Fi users beware: Use your wireless computer in public and you could be opening yourself to the latest security risk.

Another security hole could be wide open the moment you switch on a Wi-Fi enabled laptop, warned a group of security investigators, including the Zeroday Emergency Response Team (ZERT), a security monitoring group loosely affiliated with Baylor University.

The flaw, a buffer overflow error in Broadcom's (Quote)BCMWL5.SYS wireless driver, could allow nearby hackers to execute kernel-mode code, according to the Month of Kernel Bugs (MoKB) project, which first warned of the vulnerability.

Hackers already have a tool, the Metasploit Module, which can exploit the security opening, according to the organizations warning users. The exploit "can be used to inject any standard Windows payload into a vulnerable system," according to ZERT's advisory.

Windows laptop users do not need to do anything to be vulnerable. "Windows is exploitable without the existence of an Access Point (AP) or any interaction from the user," according to ZERT. A Wi-Fi card's background scan of available wireless networks triggers the flaw.

"If you are at an airport, coffee shop, or using your computer with wireless card enabled in any public place, you are at risk," ZERT said.

Just how close an attacker needs to be to exploit the Wi-Fi bug depends on the hacker's antenna and signal strength, according to the advisory.

Although chipmaker Broadcom revised its Wi-Fi driver after hearing from user "Johnny Cache," one security group could not offer a patch for such a wide range of hardware. Building a patch for the many different vendors "is impractical," ZERG wrote.

Instead, users who believe they are affected can check the manufacturer's Web site, the researchers suggested. Some computer makers, such as Dell, have automatic update services.

This article was first published on To read the full article, click here.

Comment and Contribute


(Maximum characters: 1200). You have characters left.