Windows Wi-Fi vulnerability discovered
The feature is part of Windows XP and 2000 and was exposed as being vulnerable at hacker conference ShmooCon on Saturday by vulnerability researcher Mark Loveless.
Loveless claimed that hackers can take advantage of the feature to include a user’s PC in a peer-to-peer network, giving them access to information on its hard drive.
When a PC running Windows XP or Windows 2000 boots up, it will automatically try to connect to a wireless network. If the computer can’t set up a wireless connection, it will establish an ad hoc connection to a local address. This is assigned with an IP address and Windows associates this address with the SSID of the last wireless network it connected to.
The machine will then broadcast this SSID, looking to connect with other computers in the immediate area.
The danger arises if an attacker listens for computers that are broadcasting in this way, and creates a network connection of their own with that same SSID. This would allow the two machines to associate together, potentially giving the attacker access to files on the victim’s PC.
Security experts contacted by ZDNet UK on Monday confirmed that the flaw exists, but said that it should not be a problem for those using firewalls.
Paul Wood, security analyst at MessageLabs indicated that users will probably be unaware that their computers have connected to the peer-to-peer network in such a way.
MessageLabs believes that users running Windows XP Service Pack 2 (SP2) are not at risk.
«This yet again is a wake-up call for those who haven’t installed SP2. Any machines running a copy of XP without SP2 are..