Cyber Security Institute

Friday, July 22, 2005

USB Devices Can Crack Windows

The buffer-overflow vulnerabilities could enable an attacker to circumvent Windows security and gain administrative access to a user’s machine.  This is just the latest example of a growing danger posed by peripheral devices that use USB (Universal Serial Bus), FireWire and wireless networking connections, which are often overlooked in the search for remotely exploitable security holes, experts say.

The buffer-overflow flaw is in device drivers that Windows loads whenever USB devices are inserted into computers running Windows 32-bit operating systems, including Windows XP and Windows 2000, said Caleb Sima, chief technology officer and founder of SPI Dynamics.  The company will be demonstrating the vulnerability at this week’s Black Hat Briefings hacker conference in Las Vegas, but will not release details of the security hole, Sima said.

A spokesperson for Microsoft’s Security Response Center confirmed that the company has not received a vulnerability report from SPI.

For example, an attacker who knows of a vulnerability in a USB device driver can program one USB device, say a portable memory stick, to pose as the kind of device that uses the vulnerable driver, then plug the device into the host system and trigger the exploit when the host system loads the flawed driver, said Darrin Barrall, another SPI researcher.

Companies like Microsoft are just beginning to consider the security threat from peripheral devices, even as developments like the USBIF’s Wireless USB standard will make it possible to remotely connect to PCs using high-speed, USB-based technology, Sever said.

At Baptist Memorial Healthcare Corp., in Memphis, Tenn., IT administrators turned to Safend after some departments in the hospital network, such as Human Resources and Risk Management, started using portable USB “jump” drives to make backup copies of sensitive data after the hospital introduced new desktop systems that did not have floppy drives, said Lenny Goodman, director of the desktop management group at Baptist.
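Because a device can claim to be any kind of peripheral, as in the memory-stick scenario above, a device-control policy has to judge a device by the interface classes it declares before any driver is bound to it. The sketch below is an added example, not code from the article, SPI Dynamics or Safend: it parses a standard USB configuration descriptor and applies an interface-class allowlist. The allowlist, the helper names and the sample descriptor bytes are constructed assumptions.

```python
import struct

# Assumed site policy (hypothetical): only these interface classes may bind a driver.
ALLOWED_CLASSES = {0x03: "HID", 0x08: "Mass Storage"}
DT_CONFIG, DT_INTERFACE = 0x02, 0x04  # standard descriptor type codes


def interface_classes(blob: bytes) -> list[int]:
    """Return bInterfaceClass of every interface in a configuration descriptor.

    The blob is device-supplied, so every length field is validated, not trusted.
    """
    if len(blob) < 9 or blob[1] != DT_CONFIG:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", blob, 2)[0]  # wTotalLength
    if total > len(blob):
        raise ValueError("wTotalLength exceeds data received")
    classes, off = [], 0
    while off < total:
        length = blob[off]  # bLength of this descriptor
        if length < 2 or off + length > total:
            raise ValueError(f"bad bLength {length} at offset {off}")
        if blob[off + 1] == DT_INTERFACE:
            if length < 9:
                raise ValueError("short interface descriptor")
            classes.append(blob[off + 5])  # bInterfaceClass
        off += length
    return classes


def authorize(blob: bytes) -> bool:
    """Deny if the descriptor is malformed or declares any class off the allowlist."""
    try:
        classes = interface_classes(blob)
    except ValueError:
        return False
    return bool(classes) and all(c in ALLOWED_CLASSES for c in classes)


# Constructed sample data: minimal descriptors with no endpoints.
def make_interface(num: int, cls: int) -> bytes:
    return bytes([9, DT_INTERFACE, num, 0, 0, cls, 0, 0, 0])

def make_config(*ifaces: bytes) -> bytes:
    body = b"".join(ifaces)
    head = bytes([9, DT_CONFIG]) + struct.pack("<H", 9 + len(body))
    return head + bytes([len(ifaces), 1, 0, 0x80, 50]) + body

STORAGE_STICK = make_config(make_interface(0, 0x08))
STICK_PLUS_PRINTER = make_config(make_interface(0, 0x08), make_interface(1, 0x07))
```

An allowlist like this narrows which drivers an inserted device can cause to load; it does not protect against a flaw in the driver for a class that the policy permits.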

Posted on 07/22