Windows Firewire flaw leaves systems at risk

By Justin Mann on
Some security researchers are very benign and forgiving when it comes to exploit discovery, and will give developers ample time to patch their products before going public. Such was the case with a fairly serious flaw in Windows that could allow total system compromise via Firewire ports.

Unfortunately, however, Microsoft never patched the flaw. Now, two years after initially announcing in, researcher Adam Boileau has gone public with the flaw demonstrating how it works. Essentially, any Windows system that can be locked and just as easily unlocked with this exploit. Microsoft has usually downplayed security flaws that require physical access. In this case we agree that perhaps for a home user this couldn't have much of an impact, but for an enterprise where there might be hundreds or even more machines storing critical information, it could be a very serious problem. With no known fix from Microsoft, the suggested workaround is to disable Firewire when not in use.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.