[ news_security_news ]
Intel Patches Centrino Vulnerabilities
David Utter
Staff Writer
2006-08-01
 Insider Reports RSS Feed
Intel identified three issues, two with Centrino device drivers and one for the PROSet management software, that required updates.
SANS Internet Storm Center reported that Intel patched the trio of problematic flaws. Two of them presented the possibility of being remotely exploited.
Intel has also made a tool available to assist users in updating their software. The Intel PRO/Wireless Network Connection ID Tool will identify the Centrino wireless adapter in use on a machine.
SANS said that to their knowledge, the updates would not be delivered through Microsoft's Update tool. Certain system vendors may provide an automated tool to do so, but SANS recommends users check with those vendors to see if a custom version of these patches will be made available before obtaining the updates directly from Intel.
The two driver problems identified by Intel are due to memory corruption issues caused by malformed frames passed across the wireless adapter. One flaw could allow for remote code execution, while the other could permit privilege escalation.
The third issue concerns the PRONet software, and has existed for some time, according to SANS. That flaw could reveal system information related to wireless network security. The flaw is due to insecure usage of shared memory, but is only a local vulnerability.
SANS also reminds everyone that BlackHat Vegas will have a briefing on exploiting device drivers presented on Wednesday, August 2nd. Might be a good idea to check on custom vendor security updates as soon as possible.
---
Tag: Centrino
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Get all the updates in RSS: 
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
