Hackers open the champers

By Nick Farrell

THE US hacker conference, hmooCon, was all a buzz with news of a vulnerability in Windows’ wireless laptop software.

Delegates were pointed to the hole by Mark Loveless, a senior security researcher for Vernier Threat Labs and self-confessed hacker.

Loveless revealed that he had managed to exploit the vulnerability on airline flights to gain access to Windows machines that other passengers were using.

As far as vulnerabilities go, it is not the strongest. It requires the laptop to be using a Windows XP or Windows 2000 laptop that is unprotected by a firewall.

Not good if you want to target a specific machine, unless you know the lap-top has not got a firewall, but great if you are bored on a long distance flight and want to read other people’s computers.

The flaw is based on how Vole’s wireless capabilities are configured to search for any available wireless connections on start up. When no wireless link is found then the software establishes an ad-hoc link to a local address.

Vole says that it knows of this particular problem and will have a patch ready in the next service pack.

More here

Source: http://www.theinquirer.net/?article=28998