Windows Wi-Fi patch could be long time coming

Microsoft confirms a Wi-Fi security flaw in Windows XP, but the wait for a fix may be as long as 18 months.

Tom Espiner Special to CNET News

Jan. 18, 2006 3:06 p.m. PT

2 min read

Microsoft has confirmed that there is a Wi-Fi security vulnerability in Windows XP, but it may not be fixed for as long as 18 months.

The flaw, within a Windows feature that automatically searches for a Wi-Fi network to connect to, was made public Saturday by security researcher Mark Loveless at hacker conference ShmooCon. It can be used by a hacker to gain access to files on a victim's laptop, Loveless said.

Microsoft said Wednesday that it had finished investigating this claim, and had found that there is scope for vulnerable Windows systems to be compromised. However, it said it does not plan to rush out a fix.

"Due to the design of this feature, the most appropriate method for adjusting the default behavior is in a future Service Pack or update rollup," Microsoft said in a statement.

On Tuesday, Microsoft revealed that it was not planning to release the next service pack for Windows XP, called XP SP3, until the second half of 2007. A service pack is a unified group of fixes and new features. An update rollup is typically a collection of previously released patches. Although it may include some new features, the advances are usually more limited than those found in a service pack.

Loveless told ShmooCon that when a PC running Windows XP or Windows 2000 boots up, it will automatically try to connect to a wireless network. If the computer can't set up a wireless connection, it will establish an ad hoc connection to a local address. This is assigned an IP address, and Windows associates this address with the SSID of the last wireless network the PC connected to.

The machine will then broadcast this SSID, looking to connect with other computers in the immediate area. The danger arises if an attacker listens for PCs that are broadcasting in this way and creates a network connection with that same SSID. This would allow the two machines to associate together, potentially giving the attacker access to files on the victim's PC.

Security experts said on Monday it's unlikely laptop users would be at risk if they had installed Service Pack 2 for Windows and enabled a local firewall.

Microsoft recommended on Wednesday that customers enable a firewall, get software updates and install antivirus software. Customers who believe they may have been affected can contact Microsoft Product Support Services via its Web site.

Tom Espiner of ZDNet UK reported from London.