We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Intel issues patches for Wi-Fi bugs

Centrino vulnerabilities fixed

Intel has issued patches for three vulnerabilities affecting its wireless hardware and software.

Two problems concern certain versions of its Pro/Wireless Network Connection Hardware, part of its Centrino mobile platform, Intel said. The vulnerabilities lie in drivers from Microsoft, Intel said.

The flaws could allow an attacker near a Wi-Fi station to run unauthorised code on a victim's machine or gain kernel-level privileges.

A third vulnerability affects Intel's Proset/Wireless Software. It could lead to a hacker obtaining authentication credentials.

So far, no attempts have been made to exploit the vulnerabilities, Intel said.

Graham Cluley, senior technology consultant at security vendor Sophos, said a hacker could use the driver problems to create a worm that replicates itself by passing to other computers over a Wi-Fi network.

"It's a very big target for people to do these sorts of things," Cluley said.

Users can verify what version of the hardware they are running here. The new drivers can be downloaded here.

Intel warned, however, that the updated drivers are generic ones and that OEMs (original equipment manufacturers) may have changed some of the software. The generic drivers have not been verified by manufacturers for compatibility, Intel said.

For the other vulnerability, Intel recommended saving the profile of the Proset/Wireless Software with the "export" feature before making changes.

The Sans Institute, a security training organisation, said in an advisory it does not believe updated drivers would be delivered through Microsoft's automated update system. Microsoft officials could not be immediately reached.

Sans also advised that users should check with system vendors to see if custom drivers are going to be released. The patches will have to be applied manually unless manufacturers provide an automated update tool, Sans said.


IDG UK Sites

Moto G2 (2014) vs Moto E comparison review: New Moto G is worth the extra cash

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Oculus Rift 'Crescent Bay' prototype hands-on: it's an amazing experience

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...