XP Wireless Flaw Fixed…. finally

It only took 12 months but Microsoft has finally release a patch for a XP wireless vulnerability. Brian Krebs’ Security Fix blog first reported the vulnerability after hearing Mark “Simple Nomad” Loveless speak about the issue at 2006 SchmooCon.

The problem lies in XP’s desire to connect up to a wireless network that was previously available. If an attacker sees the broadcasts of the client looking for a specific SSID the attacker can then spoof the SSID and have the client connect directly to the attack box.

Microsoft has released a patch KB9170121 to fix this issue. However, they are wide reports that the fix is not included in automatic updates.

For further reading on the vulnerability and patch visit Krebs’ Security Fix

Leave a Reply