Moore revealed the new Apple Wi-Fi error attack code
Security researcher HDMoore claims the code he recently announced is capable of attacking a new security bug in the Apple AirPort wireless device driver software.
The AirPort driver versions that come with the wireless network card in iMacs and PowerBooks products sold during the period from 1999 to 2003 have the above security flaws.
HDMoore said the newly discovered security flaw could be exploited by sending malicious packets over a wireless network connection and causing a buffer overflow error and allowing hackers to gain control of the system. mistake.
However, this security researcher claims that it is not easy to conduct such an attack. The necessary condition is that the attacker and the system that makes the mistake must be located on a wireless network. Even so, it is not easy to gain control of the system. Even Moore hasn't done it yet.
' Although it is difficult to take advantage of security flaws in AirPort software to organize an attack to execute malicious code remotely, the possibility of exploiting the attack is possible. That will only be a matter of time and direction. The code I just published is fully capable of creating a buffer overflow that causes problems with the kernel and forces users to restart the system, 'Moore said.
An Apple spokesman, Lynn Fox, said his firm is conducting further research on security bugs in AirPort. ' However, this security bug only affects a handful of older AirPort-integrated products. And AirPort Extreme integrated products don't make this mistake . '
The new security bug published by Moore expert can be considered quite similar to the security bug revealed by two other security researchers at the recent Black Hat Conference. This security error also allows an attacker to gain full control over the system by sending malicious packets over the wireless network.
'Month of kernel errors' (month of kernel bugs)
In parallel with the announcement of the new security flaw code in Apple products, HDMoore also officially launched a 'month of human error'. During this time, every day Moore will announce new security errors of software types.
Previously, Moore expert also organized a similar event - 'Month of browser bugs'. During this time there were a series of security flaws in the browser types revealed by Moore.
The code just released by Moore was added to the Metasploit Framework 3.0 package - the latest version of the security toolkit. These are products commonly used by security researchers to check the safety of systems.
Hoang Dung
- The Windows error code appears
- Appear malicious code to attack Windows Help error
- Moore's Law: 50 years leading the way for humanity
- Apple patches new 'deadly' for QuickTime
- Where does the error 'Error 404' come from?
- Code of attack on MobiFone website is being distributed online
- Appeared to attack Photoshop
- Appear code exploit error Yahoo Messenger
- Apple headache antivirus attack Mac
- Error OpenOffice interconnects multiple operating systems
- QuickTime bug threatens XP, Vista
- Appears dangerous code exploiting Oracle error