Symantec Tuesday warned of an unpatched vulnerability in a D-Link wireless device driver that could enable an attacker to create a denial of service situation or compromise an affected PC. The flaw affects the wireless driver for D-Link's DWL-G650, which connects notebook PCs to 802.11 b/g WLANs. An error that occurs when the driver processes malformed beacon frames could enable an attacker to trigger a buffer overflow and execute malicious code, Symantec said in a Deepsight Threat Management System bulletin.
However, to exploit the vulnerability, a hacker would have to be in range of the wireless connection on the device, Symantec said. The vulnerability exists on Windows XP and affects version 6.0.0.18 (Rev. A1) of the driver, and other drivers are also potentially vulnerable, according to Symantec.
View: The full story
News source: CRN