Windows error could leave drives open to hackers

According to a security researcher, users of Windows laptops with Wi-Fi capabilities may be opening their hard drives up to hackers.

Exploiting a design flaw in Windows XP and Windows 2003 systems with built-in wireless capabilities, hackers could lure Wi-Fi users into connecting to malicious wireless networks, according to Microsoft, which recently completed an investigation of the issue.

Mark Loveless, a senior researcher at Vernier Networks, raised questions about the flaw last week at a security conference.

Loveless says, “When Windows powers up but doesn’t find a wireless access point, it creates an ad hoc network, complete with the SSID, the Wi-Fi network identifier of the last network connection.”

Hackers, in turn, can set their wireless devices to connect to the same “phantom network,” and could introduce malicious code and/or access files on the laptop’s hard drive.

Loveless says, “In Windows 2000 and Windows XP and [XP] SP1, this all happens in the background without the user’s knowledge. On Windows XP SP2, the user is notified it has ‘attached’ to an ad-hoc network, when in fact it has simply started advertising the ad-hoc network.

“This is basically a configuration error that spreads virus-like from laptop to laptop.” He added that in field tests, numerous ad hoc SSIDs such as ‘linksys’, ‘dlink’, ‘tmobile’ and ‘hpsetup’ were documented as being broadcast in this way.

But users who configure their systems so that they don’t connect to ad hoc networks and those who use firewalls and properly patched systems should be safe from the threat, he said.

“There are a couple of conditions that need to be met before [the threat could be exploited],” Loveless said. “But it appears to me those conditions have been met in a lot of machines [based on field tests].”

Loveless, says Microsoft has known of the flaw since mid-October, and has not only confirmed the issue, but says it would address it in the next Service Pack.

However, according to InformationWeek, Windows 2000 will have no new Service Packs, and Windows XP, Service Pack 3 (SP3), won’t be released until late 2007.