System Exploitable With USB
Anonymous Coward writes "Vulnerabilities in USB drivers for Windows could allow an attacker to take control of locked workstations using a specially programmed Universal Serial Bus device." From the article: "The buffer-overflow flaw is in device drivers that Windows loads whenever USB devices are inserted into computers running Windows 32-bit operating systems, including Windows XP and Windows 2000, said Caleb Sima, chief technology officer and founder of SPI Dynamics."
From Microsoft.......
A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003
Article ID: 875352
Last Review: May 10, 2005
http://support.microsoft.com/kb/875352
SUMMARY
Data Execution Prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. In Microsoft Windows XP Service Pack 2 (SP2) and Microsoft Windows XP Tablet PC Edition 2005, DEP is enforced by hardware and by software.
The primary benefit of DEP is to help prevent code execution from data pages. Typically, code is not executed from the default heap and the stack. Hardware-enforced DEP detects code that is running from these locations and raises an exception when execution occurs. Software-enforced DEP can help prevent malicious code from taking advantage of exception-handling mechanisms in Windows.
from Microsoft.......
Controlling block storage devices on USB buses
What does controlling block storage devices on USB buses do?
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2otech.mspx#EDAA
This feature provides the ability to set a registry key that will prevent write operations to USB block storage devices, such as memory sticks. When this registry key is enabled, the devices function only as read-only devices. You can implement this setting as part of a security strategy to prevent users from transporting data using these devices.
Who does this feature apply to?
Users who do not want data to be written from their computer to a USB storage device.
IT professionals who want to implement organization controls over the use of USB block storage devices
What settings are added or changed in Windows XP Service Pack 2
Setting name: WriteProtect
Location: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\StorageDevicePolicies
Default value: DWORD=0
Possible values: 0 - Disabled, 1 - Enabled
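Added example, not part of the comment above or of the Microsoft article it quotes: a PowerShell sketch that audits the WriteProtect value and optionally enforces it. The function names Get-UsbWriteProtect and Set-UsbWriteProtect are hypothetical; the key, value name and data come from the quoted text, and a missing key or value is treated as the documented default of 0.

```powershell
# Added example: audit and optionally enforce the USB block storage
# WriteProtect policy. Function names are illustrative assumptions.
$PolicyKey = 'HKLM:\System\CurrentControlSet\Control\StorageDevicePolicies'
$ValueName = 'WriteProtect'

function Get-UsbWriteProtect {
    # A missing key or value is reported as the documented default (0 = Disabled).
    $item = Get-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
    $raw = if ($null -ne $item) { [int]$item.$ValueName } else { 0 }
    [pscustomobject]@{
        KeyPresent = Test-Path -Path $PolicyKey
        Value      = $raw
        ReadOnly   = ($raw -eq 1)
    }
}

function Set-UsbWriteProtect {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([Parameter(Mandatory = $true)][bool]$Enabled)

    # Create the policy key first if it is not there yet.
    if (-not (Test-Path -Path $PolicyKey)) {
        if ($PSCmdlet.ShouldProcess($PolicyKey, 'Create key')) {
            New-Item -Path $PolicyKey -Force | Out-Null
        }
    }

    # 1 = Enabled (devices are read-only), 0 = Disabled.
    $data = if ($Enabled) { 1 } else { 0 }
    if ($PSCmdlet.ShouldProcess("$PolicyKey\$ValueName", "Set DWORD=$data")) {
        New-ItemProperty -Path $PolicyKey -Name $ValueName `
            -PropertyType DWord -Value $data -Force | Out-Null
    }

    # Return the resulting state so the change can be logged or verified.
    Get-UsbWriteProtect
}

# Audit only (no changes made):
Get-UsbWriteProtect

# Enforce read-only from an elevated session; add -WhatIf to preview:
# Set-UsbWriteProtect -Enabled $true
```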
I consider every government a crime against humanity, but I'm just too anarchistic. Of course, beyond the reply of the other poster, what can I do?
I'll do the stupid thing first and then you shy people follow...