USB Devices Can Crack Windows - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 07-24-2005, 03:30 PM   #1 (permalink)
Newb Techie
 
Join Date: Jul 2005
Posts: 16
Default USB Devices Can Crack Windows

USB Devices Can Crack Windows By Paul F. Roberts

Vulnerabilities in USB drivers for Windows could allow an attacker to take control of locked workstations using a specially programmed Universal Serial Bus device, according to an executive from SPI Dynamics, which discovered the security hole.

The buffer-overflow vulnerabilities could enable an attacker to circumvent Windows security and gain administrative access to a user's machine.

This is just the latest example of a growing danger posed by peripheral devices that use USB (Universal Serial Bus), FireWire and wireless networking connections, which are often overlooked in the search for remotely exploitable security holes, experts say.

The buffer-overflow flaw is in device drivers that Windows loads whenever USB devices are inserted into computers running Windows 32-bit operating systems, including Windows XP and Windows 2000, said Caleb Sima, chief technology officer and founder of SPI Dynamics.

SPI is still testing the hole, and hasn't informed Microsoft Corp. about the problem. The company will be demonstrating the vulnerability at this week's Black Hat Briefings hacker conference in Las Vegas, but will not release details of the security hole, Sima said.

A spokesperson for Microsoft's Security Response Center confirmed that the company has not received a vulnerability report from SPI. The company strongly encouraged any researcher to contact the MSRC if they have a vulnerability to report.

Rest Of the Story is Here:

http://testing.onlytherightanswers.c...=article&sid=7
__________________

ZOverLord is offline  
Old 07-25-2005, 02:15 AM   #2 (permalink)
Master Techie
 
Join Date: Apr 2005
Posts: 2,306
Default

that make me wory about using my usb drive
__________________

__________________
Lonewolf5460 is offline  
Old 07-25-2005, 02:29 AM   #3 (permalink)
Newb Techie
 
Join Date: Jul 2005
Posts: 16
Default

Quote:
Originally posted by matt2m
that make me wory about using my usb drive
For the moment I would not let folks use my USB ports, or use my USB devices on others systems, until there is more detail.
ZOverLord is offline  
Old 07-25-2005, 03:50 AM   #4 (permalink)
Master Techie
 
Join Date: Apr 2005
Posts: 2,306
Default

Thats a little overkill aint it? J/k.
Until an os comes out with a consol based set up.I read it in a magazine.Consoles never get any thing why they have to be authorized to run on the machine.While comps of to day can run crap and we would not know it this way the only way 4 a program to function is to be allowed in.I would not mind the hassle of authorising stuff like that think of it no virus scanners and firewalls.The article has it in more detail i will look 4 it then look on line 4 it.
__________________
Lonewolf5460 is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 08:39 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.