Jump to content
Compatible Support Forums
Sign in to follow this  
Philipp

Access Violation in Windows 2000 IRDA Driver ....

Recommended Posts

... Can Cause System to Restart

 

Microsoft Windows 2000 provides support for infrared-based connectivity. This support is provided through protocols developed by the Infrared Data Association (IRDA). Because of this, they are often called IRDA devices. These devices can be used to share files and printers with other IRDA-device capable systems. The software which handles IRDA devices in Windows 2000 contains an unchecked buffer in the code which handles certain IRDA packets.

 

A security vulnerability results because it is possible for a malicious user to send a specially crafted IRDA packet to the victim´s system. This could enable the attacker to conduct a buffer overflow attack and cause an access violation on the system, forcing a reboot. To be best of our knowledge, it cannot be used to run malicious code on the user´s system.

 

Read more

Share this post


Link to post

I'm sorry, this is really freaking funny. Basically, what Microsoft is saying is that I could crash computers if I had a hostile custom program running on an IrDA device (Pocket PC, Palm, whatever). IrDA has a reception range of only about 1 meter so I would need to run into their office and zap their computer.

 

Gee, like the person sitting there wouldn't be slightly peeved by the incident?

 

And how did they figure this problem out? Did Steve Ballmer go running into Bill's office: "Hey, check this out, I have something cool to show you..."

 

Look at the security advisory below my comments. I especially love #2.

"or be able to transmit the IRDA packets through reflection directly to the victim's IRDA port"

 

So, if I get myself an extremely high powered IR emitter and a very complex system of reflectors I can theoretically sit in my office and simultaneously crash all the computers in the office. Cool... Sounds like a challenge.

 

 

-------------------

Mitigating factors:

 

1.) The attack would require that an attacker's machine be within range of the victim's IRDA device, usually within arm's length.

 

2.) The attack would require that an attacker's machine's IRDA port have either a direct line of sight to the victim's machine, or be able to transmit the IRDA packets through reflection directly to the victim's IRDA port.

 

3.) To the best of our knowledge, this cannot be used to run malicious code on the user's system.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×