Broadcom's Buffer Problem
Security researcher 'Johnny Cache' highlights another WiFi driver security issue
Broadcom Corp. (Nasdaq: BRCM) is the latest WiFi vendor to have its security cast into doubt, with the discovery of a potential flaw by one of the researchers that showed off a now-notorious hack against Apple Inc. (Nasdaq: AAPL)'s Macbook recently. (See Users Eye New 802.11 Security Issues , Apple's Core Is Secure, and Apple Issues Security Alert.)
Jon Ellch, aka Johnny Cache, has now reported a WiFi driver vulnerability to chipmaker Broadcom that could allow malicious types to take over a user's computers. The Broadcom driver BCMWL5.SYS version 3.50.21.10 driver ships with PCs from Dell Inc. (Nasdaq: DELL), Hewlett-Packard Co. (NYSE: HPQ), and other major computer makers.
"Broadcom has released a fixed driver to their partners, which are in turn providing updates for the affected products," notes Ellch in his bug report. So far, however, only Linksys has issued a patch.
Security house Secunia is calling the security "moderately critical" and suggests that users switch off their WiFi radios when not in use.
Broadcom is by no means the only vendor to have faced firmware-level WiFi security issues recently. Aside from Apple's patches, Intel Corp. (Nasdaq: INTC) also had to warn about a driver vulnerability back in August. (See Intel's Centrino Vulnerability.)
— Dan Jones, Site Editor, Unstrung
About the Author(s)
You May Also Like
Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024