A new threat in software has established itself in the last year. That threat is vulnerabilities in device drivers. Historically, security and drivers never had much in common. It appears that this line of thinking is going to cause some severe headaches in the near future.
Just a few days ago it was announced that a severe vulnerability was identified in Broadcom’s wireless drivers. There’s a buffer overflow condition in the SSID handler. Potentially somebody driving around broadcasting a malicious SSID could compromise your machine by just sitting there waiting for your computer to pick it up. It is claimed that there is a reliable exploit for this already, fortunately it hasn’t been made public yet. If this does become public, it could be very dangerous. It’s a kernel level exploit, which means it’s going to bypass any anti-virus measures on the computer. Broadcom was notified of the problem and they updated their driver, but issued no security warning. So far, it doesn’t appear than any vendors that use Broadcom chipsets have updated their corresponding drivers.
This isn’t the first occurrence of such a vulnerability. You may remember the Centrino vulnerabilities earlier this year, vulnerabilities were also identified in Apple’s wifi drivers, and recently in Nvidia’s video drivers for Linux, among others.
It’s time for hardware manufacturers to start thinking about security, and taking responsibility for any security issues just as every other software developer has to. It’s unfortunate this was not already the case, and it may be too late.