Network News

X My Profile
View More Activity

Intel Issues Patches to Fix Wireless Flaws

Intel has released updates to fix at least seven separate security flaws in the low-level software that powers its Centrino wireless devices. The flaws reside in Intel's wireless "device drivers," and are present at such a fundamental level of the operating system that they could be used by bad guys to spread malicious software like a computer worm wirelessly between vulnerable computers without any action on the part of the user.

The Intel Web site has more information on these flaws and includes a tool that people can use to tell whether they need to download and install software updates to fix the problems. I would strongly advise anyone using a laptop with an embedded wireless card to pay a visit to the page and run the tool, as many, many computer manufacturers embed Intel's hardware and software into their machines.

Yesterday, I wrote about a series of flaws security researchers here at Black Hat were able to find in multiple wireless device drivers. While Intel's update appears unrelated to their presentation, these vulnerabilities are quite serious and we are likely to see similar updates in the not-too-distant future from other companies that make these device drivers. Intel said it is currently working with various computer manufacturers to get their word out to their customers as well.

By Brian Krebs  |  August 3, 2006; 12:25 PM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Follow-up to the Macbook Post
Next: Javascript Attacks on Steroids

Comments

Worth noting that these fixed are dated July 13 (originally posted) and July 28 (modified), last time I checked yesterday. So in response to Krebs Kritics (your own Soul Patrol), it's pretty clear that Intel took the researchers' work seriously and repaired the drivers. There are a lot of comments on your previous thread about how the video could have been faked, yadda yadda yadda. Sure. But the Intel driver update, while not mentioning these fellows, should make it clear it's real.

Now, when 1% of people update their drives, they'll be safe.

Posted by: Glenn Fleishman | August 3, 2006 2:03 PM | Report abuse

As commented on the F-Secure Blog, it's worth noting that Dell and Toshiba have *NOT* come out with fixes for their custom drivers, and that installing the "patch" as listed above isn't easy, and without issues. They also mention that the "patch" is actually a reinstall of new drivers and not a "patch" per-say.

I agree that users should be aware of this fix, and should be leaning on Dell, Toshiba and other vendors to put out their true custom drivers with the fixes ASAP.

Thanks!

Posted by: David | August 3, 2006 2:51 PM | Report abuse

It would be really nice if Intel would list known vendors of their drivers and if other major vendors, such as Microsoft and Dell, would list products they produce which use these drivers.

Posted by: g | August 3, 2006 2:52 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company