Wireless worms threaten laptop users

Share this article:

Worms could travel through the airwaves and infect laptops, according to security experts.

Users were warned to update the operating systems following the announcement of vulnerabilities in Intel Centrino's wireless technology. The flaws could theoretically allow hackers to spread malicious code, including worms, wirelessly between laptops.

According to a statement by Intel, the security vulnerabilities exist in the Microsoft Windows drivers for certain versions of their Wireless Network Connection hardware.

"A hacker could exploit these wireless vulnerabilities to run malicious code on an innocent user's laptop, giving them control over other people's PCs or spreading a wireless worm which could leapfrog from one laptop to the next," said Graham Cluley, senior technology consultant for Sophos. "The good news is that we haven't seen any attacks using this exploit yet, but that doesn't mean computer users should be laid back about applying fixes."

"It is essential that all companies remain alert to the latest security issues, and ensure their business computers are properly defended with the latest patches," continued Cluley. "The more time taken to patch a flaw, the greater the opportunity for a malicious hacker to exploit it."

Although Intel has published generic updates to its software, which reportedly fix the issue on its website, the company is recommending that users contact their laptop manufacturers for vendor-specific information and fixes.

Intel has published more information about the security holes, and information on which hardware is affected, on its website here.

Alan Paller, director of research at the SANS Institute, says the vulnerability is significant because it erodes user's trust in their laptop. He added that because the flaw gives attackers privileged rights, they can avoid encryption.

Bugs such as this will continue to be reported in the coming months, Paller predicted.

You can expect wireless drivers to be major targets for the next three to nine months," he said.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.