Slashdot Mirror

← Back to Stories (view on slashdot.org)

Device Drivers Filled with Flaws, Pose Risk

Posted by ryuzaki0 on from the enemy-within dept.

Gary W. Longsine writes "Security Focus describes device drivers as an untapped source of buffer overflows, posing substantial risk not typically considered as part of a standard risk assessment. The security risks of device drivers on both Windows and Linux, including network (remotely exploitable) and hardware drivers (typically only locally exploitable) are discussed in the article. I've noticed that software you wouldn't expect sometimes installs a device driver component. I can understand this as a component of an antivirus or host based firewall, but it seems to be an oddly common design pattern on Windows, which clearly poses substantial risk."

6 of 189 comments (clear)

  1. Re:One hardware driver one from way back. by kernelfoobar · · Score: 2, Funny

    I actually have done this and it does work on some modems, pretty cool actually. Think: someone might try to view comments and keep getting disconnected right at this moment.

    --
    Here we go again!
  2. Re:Is this another reason to buy a Mac? by Anonymous Coward · · Score: 2, Funny

    Fool.
    Drivers that come with the OS are still drivers.

  3. Re:Multimedia Keyboards by AndroidCat · · Score: 4, Funny

    Old days?

    --
    One line blog. I hear that they're called Twitters now.
  4. Re:Is this another reason to buy a Mac? by afd8856 · · Score: 2, Funny

    Who told the god damn noobies about slashdot?

    --
    I'll do the stupid thing first and then you shy people follow...
  5. Typo in the headline by ElMiguel · · Score: 1, Funny

    Device Drivers Filled with Flaws, Pose Risk

    Another Slashdot typo: they obviously misspelt "SUV" as "Device".

  6. Re:One hardware driver one from way back. by pomo+monster · · Score: 1, Funny

    Yeah, there was a Slashdot story about this a while back. Good reading.