Because of the potential of remote execution of arbitrary code, antivirus firms believe the possibility exists that the flaws could spawn a malicious wireless worm. This would infect a given system, then spread by wireless network to other systems.
The first vulnerability involves memory corruption while parsing certain frames. Attackers within range of a vulnerable system could potentially execute arbitrary code on the target system with kernel-level privileges. The Bethedsa, Md.-based SANS Internet Storm Center regards this vulnerability as extremely serious. It affects drivers for the Intel 2200BG and 2915ABG PRO/Wireless Network Connection hardware.
The second vulnerability involves insecure usage of shared memory in the PROSet/Wireless Software application. Attackers with access to the target system -- or controlling malicious software installed on the target system -- could potentially obtain access to wireless network security information, such as a WLAN pre-shared WEP key. This vulnerability has been known since May 2006. SANS dubbed this vulnerability as less severe than the other vulnerabilities because it cannot be exploited remotely. The vulnerability affects PROSet software for the Intel PRO/Wireless 2100, 2200BG, 2915ABG, and 3945ABG Network Connection hardware. Applications using the Intel PRO/Wireless Network Connection Software API are also affected.
The third vulnerability involves memory corruption while handling requests for capabilities from higher-level protocol drivers or user-level applications. Attackers could potentially obtain kernel-level privileges on the target system. SANS regards this vulnerability as extremely serious. It affects drivers for Intel PRO/Wireless 2100 Network Connection hardware.
All vulnerabilities only affect users of Microsoft Windows. In a release on its Web site, anti-malware vendor Sophos plc said it has not yet observed any attacks that make use of this exploit.
Santa Clara, Calif.-based Intel has published a tool that helps determine if a system is running affected hardware. Intel has also provided generic upgrades to the software that fixes these vulnerabilities. However, Intel suggests that users of affected systems should consult their vendors for the correct upgrades, because some vendors provide their own versions of the software.
Edmund X. DeJesus is a freelance technical writer in Norwood, Mass.
This article originally appeared on SearchSecurity.com