Industry News

Although it should not be a problem for those using personal firewalls on their laptop, vulnerability researcher Mark Loveless (pictured), a senior security researcher for the Vernier Threat Labs, has been drawing attention to a startling wireless security vulnerability in Windows XP and 2000. According to the Washington Post Microsoft has acknowledged this vulnerability and says it plans to change the default configuration in the next Service Packs released for Windows.

With more than 20 years experience in security, Loveless, also known as “Simple Nomad” in the security industry, is an expert in uncovering computer threats and exploits.

Writing in the Washington Post, security analyst Brian Krebs characterized the vulnerability as "a staggeringly simple but very dangerous wireless security problem."

Here's how Krebs explained what the problem is:

"Laptops powered by Windows XP or Windows 2000 with built-in wireless capabilities (these includes most laptops on the market today) are configured so that when the user opens up the machine or turns it on, Windows looks for any available wireless connections. If the laptop cannot link up to a wireless network, it creates what's known as an ad-hoc "link local address," a supposed "private network" that assigns the wireless card a network address of 169.254.x.x (the Xs represent a random number between 1 and 254).

Microsoft designed this portion of Windows so that the address becomes associated with the name or "SSID" of the last wireless network from which the user obtained a real Internet address. The laptop then broadcasts the name of that network out to other computers within a short range of the machine (which may vary depending a number of things, including the quality of the laptop's embedded network card and things that may obstruct the signal, like walls, e.g.).

What Loveless found was that by creating a network connection on his computer that matches the name of the network the target computer is broadcasting, the two computers could be made to associate with one another on the same link local network, effectively allowing the attacker to directly access the victim's machine."

Network security technology is a growing concern for enterprises worldwide.  Vernier Threat Labs was established in 2004 to provide Vernier Networks customers with a service providing its customers with the necessary resources needed to combat daily threats from software vulnerabilities, malware, spyware and bandwidth-consuming P2P applications.