New attack methods aimed at routers and mobile phones

A security expert at Juniper Networks has developed a new attack method that allows illegal programs to run on a variety of computer devices, including routers and mobile phones.

At the CanSecWest security conference held in Vancouver on April 19, expert Barnaby Jack demonstrated how to control the router and insert malware into all computers in a network.

Jack said he has discovered a new method that allows turning a common error into a computer - an error deleting an empty mouse pointer reference into something more dangerous than what was previously known.

So far, the empty mouse hole is still not considered serious, although it may cause the computer to hang but does not cause any serious damage. For years, security researchers have known this type of vulnerability, which occurs when a computer notifies a program that a portion of the memory they are looking for does not exist, or "is empty".

However, at the April 19 show, Jack announced that an empty mouse hole could allow illegal software to be run on a variety of computer devices. This new technique is described by Jack as " 100% reliable and capable of executing code on the device ".

However, Jack's empty cursor error exploit code currently only operates on the processor arm Arm and xScale (being widely used for attached devices), not yet possible on architecture. Intel.