Wireless Monkey on the Loose
It has recently been reported thatfunctional exploit code for Broadcom Wireless drivers has been madeavailable to the public. Concerns over the exploit are increasing,because the exploit allows remote code execution, and the susceptibledrivers are shipped with many new computers.
More information can be found at the Month of Kernel Bugs site.
A machine is vulnerable to the exploit if the computer has asusceptible Broadcom Wireless-N network card, and is running thedrivers in question. Unfortunately, due to the nature of wirelessnetworking, all that is required of the attacker is to be within rangeof the vulnerable machine. Because this vulnerability occurs at anextremely low level
within the networking protocol, there may be difficulties in detecting these attacks using standard IDS/IPS methods.
Symantec Security Response recommends that you update the wirelessdriver as soon as possible, if your computer is running a vulnerableversion of the Broadcom Wireless driver. Otherwise, you should avoidusing your wireless card to connect to networks in insecure areas, andalso be aware of the risk involved when connecting wirelessly.