Microsoft plugs USB hole

Stefan Mileschin · 14th March 2013, 06:17

Software giant Microsoft has written a patch for a huge hole in Windows which allowed attackers to use USB-connected drives to take full control of a targeted computer.

Redmond has warned that fixing the vulnerability was important, rather than critical, because the hacker needs to have physical access to the computer being attacked.

This makes it hard for hacks to spread online, but it does make it possible to carpet bomb conferences or other gatherings with booby-trapped drives which infect those present with malware. It would be expensive, and fairly obvious, but it would be possible.

Where it would be more useful is for a spook who gains access to a building to nick corporate data or sabotage computer operations.

Stuxnet showed that the physical aspect of planting USB drives or having people to take these things into facilities, does work.

Microsoft wrote that the MS13-027 series of vulnerabilities can be exploited when a maliciously formatted USB drive is inserted in to a computer.

Windows drivers need to read a specially manipulated descriptor, and the system will execute attack code with the full permissions of the operating system kernel.

Microsoft Security Response Center researchers Josh Carlson and William Peteroy wrote in the company's blog that the vulnerability was triggered during device enumeration, no user intervention is required.

The vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an un-authenticated elevation of privilege for an attacker with casual physical access to the machine.

Microsoft has closed a variety of security holes related to USB hard drives over the last few years. One of these was fixing the LNK file vulnerability that allowed Stuxnet to infect machines when a stick was plugged in.

Many company engineers have also redesigned the autorun feature that used to automatically open a window each time a removable drive was connected to stop future attacks on corporate networks.

MS13-027 is one of seven bulletins Microsoft issued as part of this month's Patch Tuesday.

http://news.techeye.net/security/mic...plugs-usb-hole

14th March 2013, 06:17	#1
Stefan Mileschin [M] Reviewer Join Date: May 2010 Location: Romania Posts: 148,462	Microsoft plugs USB hole Software giant Microsoft has written a patch for a huge hole in Windows which allowed attackers to use USB-connected drives to take full control of a targeted computer. Redmond has warned that fixing the vulnerability was important, rather than critical, because the hacker needs to have physical access to the computer being attacked. This makes it hard for hacks to spread online, but it does make it possible to carpet bomb conferences or other gatherings with booby-trapped drives which infect those present with malware. It would be expensive, and fairly obvious, but it would be possible. Where it would be more useful is for a spook who gains access to a building to nick corporate data or sabotage computer operations. Stuxnet showed that the physical aspect of planting USB drives or having people to take these things into facilities, does work. Microsoft wrote that the MS13-027 series of vulnerabilities can be exploited when a maliciously formatted USB drive is inserted in to a computer. Windows drivers need to read a specially manipulated descriptor, and the system will execute attack code with the full permissions of the operating system kernel. Microsoft Security Response Center researchers Josh Carlson and William Peteroy wrote in the company's blog that the vulnerability was triggered during device enumeration, no user intervention is required. The vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an un-authenticated elevation of privilege for an attacker with casual physical access to the machine. Microsoft has closed a variety of security holes related to USB hard drives over the last few years. One of these was fixing the LNK file vulnerability that allowed Stuxnet to infect machines when a stick was plugged in. Many company engineers have also redesigned the autorun feature that used to automatically open a window each time a removable drive was connected to stop future attacks on corporate networks. MS13-027 is one of seven bulletins Microsoft issued as part of this month's Patch Tuesday. http://news.techeye.net/security/mic...plugs-usb-hole

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Facebook Says Spam Hole Is Fixed	Stefan Mileschin	WebNews	0	10th September 2012 07:31
Microsoft advises nuking Windows Gadgets after security hole discovery	Stefan Mileschin	WebNews	0	12th July 2012 09:31
Electrical Socket That Forcibly Ejects Inactive Plugs	Stefan Mileschin	WebNews	0	4th January 2012 07:02
Microsoft Plugs Critical Holes	Stefan Mileschin	WebNews	0	12th October 2011 07:12
V-Moda Faders Ear Plugs @ TestFreaks	Stefan Mileschin	WebNews	0	11th October 2011 07:07
Microsoft plugs critical Exchange, IE holes	jmke	WebNews	0	11th February 2009 19:36
Mercury Plugs Cell Processor into x86 Workstations	jmke	WebNews	0	1st August 2006 08:18
How not to cut a 80mm fan hole	jmke	WebNews	2	2nd November 2005 23:19
[Mounting hole Dimension Database]	kristos	General Madness - System Building Advice	3	11th November 2004 17:03
Intel Plugs Pentium 4 “Prescott” into Notebooks	jmke	WebNews	3	1st June 2004 22:40