[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnumed-devel] Security alert for those running wi-fi under Windows XP

From: J Busser
Subject: [Gnumed-devel] Security alert for those running wi-fi under Windows XP
Date: Mon, 12 Mar 2007 07:51:00 -0700

Anyone running wi-fi (wireless) under Windows XP, especially mobile laptop users, need to be aware there is a non-automatic Windows update from October that they should be highly advised to download and run manually. Apparently even some security people have only recently figured out issues with ""Free Public Wi-Fi"" so I thought some on the list may like this shared.

Without this patch, you may be offered to connect to "Free Public Wi- Fi" which is not *really* what it is, it's actually only a nearby desktop or laptop that has benignly (or with ill intent) made itself available as an ad hoc "peer to peer" node. If that is ever accepted, the generic permission (and setting) may continue to reside among your "preferred networks" and even after you are subsequently connected to some other network, your laptop may continue to probe every minute for other connections and, in so doing,
1) publish the ids of your actual trusted networks and
2) cause your wi-fi connection to "jump around" in a constant search for stronger connections and may disrupt your connections and/or put you at risk if you have any security vulnerabilities

Notably, although Microsoft had come up with an update to change this, it is *not* part of Windows automatic updates. Not only is it not in the "critical" list, it is apparently not anywhere *in* the automatic updates system. You have to specifically get this update. The source of my info is "Security Now" podcast episode 82, the notes are about 1 screen down among the show notes at SN-082.txt
        (I listened to the podcast at

To get the update, which alters the behaviour from automatic to just when you ask it to, either google "wireless client update" or go to this download link: D52B-4F84-ACE8-F7FC20195769&displaylang=en

Microsoft knowledge base article containing more detail:

reply via email to

[Prev in Thread] Current Thread [Next in Thread]