Yesterday, we learned via Microsoft's Raymond Chen that back in the olden days of Windows XP, it was discovered that a music video of a song called Rhythm Nation by Janet Jackson was causing Windows PCs to crash. This is because the song in question contained resonant frequencies for 5400RPM hard drives which even crashed PCs in vicinity while the song was being played. While OEMs eventually fixed the issue, security agency MITRE has now declared it as an official exploit.
As noted by The Register, Janet Jackson's song has been assigned a Common Vulnerabilities and Exposures (CVE) ID of CVE-2022-38392. The description of the exploit on MITRE's dedicated page reads:
A certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.
It is interesting to know that while many OEMs raced to fix the issue by adding a filter to exclude the problematic resonant frequencies, MITRE has still assigned it as a public exploit, nearly two decades after its initial discovery.
However, the move does make sense considering that some people and companies do use legacy and unpatched hardware and software for various reasons (please stop, though), so Rhythm Nation could still be leveraged as a side-channel attack. That said, those on modern PCs shouldn't have any reason to worry when it comes to this particular exploit.
Source: MITRE via The Register
8 Comments - Add comment