Greg Kroah-Hartman, a Fellow at The Linux Foundation, looks ready to finally disable USB RNDIS protocol drivers once and for all. Interestingly, Hartman has wanted to remove the RNDIS bits from Linux for some time now; the initial proposal was made back on 23 November 2022.
Now, just over two years later on 23 December 2024, the commit has finally been pushed again. In the message accompanying it, Hartman explained that this ancient Windows XP-era Microsoft protocol is no longer necessary and that it also makes the system insecure and vulnerable to threats. He wrote:
USB: disable all RNDIS protocol drivers
The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all rndis drivers to prevent anyone from using them again. Windows only needed this for XP and newer systems, Windows systems older than that can use the normal USB class protocols instead, which do not have these problems. Android has had this disabled for many years so there should not be any real systems that still need this.
You can find the commit here on the LKML public inbox.
For those who may not be familiar, RNDIS, or Remote Network Driver Interface Specification, is a bus-independent message protocol for Ethernet (IEEE 802.3) network devices on dynamic Plug and Play (PnP) buses like USB, 1394, Bluetooth, and InfiniBand. This standardized approach means that a single set of host drivers can support any number of networking devices over USB.
As mentioned above, Microsoft debuted the spec back in the Windows XP days, and it remains present on the still-supported Windows 10 and Windows 11, including on the latest version, 24H2. Fortunately, though, the RNDIS driver does not automatically install on Windows 10 and 11.
On a related note, if you are curious, Windows 11 24H2 supports NDIS version 6.89.