A wireless “helper” in Windows XP and Windows 2000 is creating quite a stir in certain circles and has prompted the software giant to alter the technology protocols in the next Windows Service Packs.
The problem, accoring to escurity analyst Brian Krebs, is what happens when a user turns on a notebook running either of those Operating Systems in a wireless environment.
“Laptops powered by Windows XP or Windows 2000 with built-in wireless capabilities are configured so that when the user opens up the machine or turns it on, Windows looks for any available wireless connections,” Krebs said in The Washington Post. “If the laptop cannot link up to a wireless network, it creates what’s known as an ad-hoc link local address, a supposed private network that assigns the wireless card a network address of 169.254.x.x (the Xs represent a random number between 1 and 254).”
Sounds helpful, right? Not according to Krebs. What really happens is that the OS stores the ‘name’ of that link local address, then broadcasts that name to other computers a short distance away. In effect, the machine invites an attacker to submit the unsuspecting broadcaster’s link local address and assume a connection to—and, effectively, ownership of—the targeted system.
Microsoft has indeed promised to eliminate this problem in the next Service Packs release. Users not wanting to wait for that should be advised that such a “hijack” possibility exists and take appropriate steps to safeguard their systems.