Does anybody know at which hacker conference this was reported? I find the article too general. I want to understand the implications and would like to read more about it.
One site in the hacker world is linking to this article [computerweekly.com]..presumably this link and site is what they are referring to ;)
The site ( which I do not link to due to possible issues with the TOS ) is not a "hacker conference" heh heh "panic stations everyone" ~~:0"dive ..dive! " ..but is a clearing house for various things ..specialising in security and vulnerabilities reporting ..
if you want sticky me ..for the URL ..Hanu read your
one cannot be aware of what is said at all the meetings( there aren't many though ) ..there was one ( security meeting )this last weekend ( maybe )in Korea ..maybe someone from the area was there and maybe can say if this was discussed? ..then again the Korean meeting may not have happened yet ..
Does anybody know if Microsoft has released a Security Update yet?
If so, anybody know if there have been any confliction issues with those Intel M chips (the ones with the inbuilt wireless cards?)
I've only recently been having connection issues with my laptop and my AP... only when WPA or WEP is enabled on the AP though - been trying to discover whether a Windows Update was to blame.
If anybody has experienced similar problems and knows of a way to fix it, that would be great :)
The article says at the bottom:
"As a result of the flaw, security experts have warned companies to make sure their staff use personal firewalls or are using Windows XP Service Pack 2, both of which prevents attacks."
I did too read about SP2
So what's the big deal?
If SP2 is known as stopping the attack
And knowing that a vast majority of users run conscientiously or not SP2
More about this (including links to the article with more detailed information and workarounds) on the securityfocus site...
I read the MS Security Response Center Blog daily and those guys haven't made mention of this at all yet.
henry0: So what's the big deal? If SP2 is known as stopping the attack
because MS does not allow to upgrade to SP2 for anyone who has invalid key - and that includes many, many PCs that came with volume licensed XP, OEM installations, partner keys that were on the internet and were invalidated by MS, etc. etc. i.e. in a world outside "US businesses" it is pretty much anyone who didn't purchase XP directly from MS.
The first widely public presentation of this flaw was at ShmooCon.
The flaw is that a WiFi networking in Windows will "remember" the last WiFi network it connected to.
Next time when there is no WiFi network to connect to, it will use the previous WiFi network name, and starts broadcasting it.
(Technically not exact, but trying to keep it simple.)
With that knowledge, and knowing some default settings, an other machine can connect to the target WiFi machine.
Fix? Turn off by default your WiFi network card when not in use.
Thanks for the input; understood
>>volume licensed XP, OEM installations, partner keys that were on the internet
Any proper OEM furnishes a valid license key. I've bought many personal PCs and never had a problem. The only people with a bogus license key either bought their PC from a sketchy vendor or knowingly installed bogus Windows. If someone's illegal Windows blows up because of a virus, I don't have a lot of sympathy. The problem, I suppose, is that some worms and trojans might use the large number of illegal installations to spread and/or attack other machines; this would create untold havoc and bad PR for Microsoft, since the vulnerability would be presented in the press as a "Windows flaw", not a "flaw affecting illegal Windows copies".
The guy on the street corner with an overcoat full of watches isn't selling genuine Rolexes, and the spammer who emails you offering to download Windows for $50 isn't selling the real thing either.
seems like this is an easy fix as already stated.
disable your WiFi card if your not using it.