A group of security researchers discovered a flaw in Broadcom’s BCMWL5.SYS wireless driver that could expose Wi-Fi enabled laptops to security risks. The buffer overflow could enable hackers to stage kernel-mode code and exploit the opening through a Metasploit module. The Zeroday Emergency Response Team (ZERT) believes the defect “can be used to inject any standard Windows payload into a vulnerable system.”
According to ZERT, the flaw is triggered when a Wi-Fi card performs a background scan of available wireless networks. A user is therefore at risk when using a laptop with a wireless card in any public place, such as an airport or a coffee shop. How close hackers would need to be, according to the advisory, would depend on their antenna and signal strength.
ZERT advised users who believe their laptops have the flaw to check the manufacturer’s website for updates. It urged Microsoft to issue a patch, which it said “could be of a significant help to get ahead of this threat.”