Dell laptop, HP fault Wi-Fi security

Security analysts are now warning users of a serious security flaw in the Broadcom Wi-Fi wireless device driver integrated in HP, Dell, Gateway and eMachines product lines.

The newly discovered Wi-Fi security error is a buffer overflow error in the Broadcom wireless device driver software, which arises when processing 802.11 wireless network packets containing SSID fields that are too long. .

This error can be exploited to remotely execute the binary code in the system kernel mode, taking full control of the notebooks with integrated Wi-Fi features.

However, the ZERT (Zero Day Emergency Response Team) said the attacker could only exploit security bugs if the system had an error in the Wi-Fi coverage area along with the attacker.

The danger level of this security flaw increases when the Windows operating system has installed the error Broadcon Wi-Fi driver that could be exploited even if there are no Wi-Fi hot-spots nearby. and do not need any interaction from end users.

Broadcom Wi-Fi security error is the result of the project ' Month of human error ' launched by HD Moore.

Jon "Johnny Cache" Ellch was the first to discover similar Wi-Fi security errors. The bug was first announced at Microsoft's Blue Hat forum last October. The first product found to be faulty is the Wi-Fi driver in Mac OS X on Apple laptops.

Ellch warned of a security flaw in the Broadcon Wi-Fi driver from early 2006 and expects the manufacturer to release a patch. At the same time, he also collaborated with HD Moore's Metasploit project to develop an aforementioned error attack module to complement security testing tools.

Up to this point, Broad has released the security update above security patch. However, the number of users installing patches is relatively small.

Hoang Dung