When a USB stick is connected to a PC, the Windows operating system enumerates the device. In simple terms, this means Windows checks what type of device was just connected (a HID device, a Mass Storage Device, etc.) and also checks the speed of the device.
During the enumeration process, some entries are written to the Windows registry, and this is where a hacker could get into your system and take control. This is the update Microsoft issued earlier this week to fix the security flaw.
Since the vulnerability is triggered during USB enumeration, no user intervention is required. In fact, the vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an unauthenticated elevation of privilege for an attacker with casual physical access to the machine. Other software that enables low-level pass-through of USB device enumeration may open additional avenues of exploitation that do not require direct physical access to the system.
So be sure to update your PC when the update notification comes through; it’s in your best interest.
Full Microsoft article
Granted, I didn’t think of this concept, but looking back, it’s odd this USB hack took as long as it did. Hacker Jonas Wagner was able to rig his Microsoft Kinect to a USB missile launcher. From what we’ve read, Jonas wanted to control a missile launcher with his Kinect; the only problem was that he didn’t have access to missiles. The next best thing was a USB missile launcher.
To give him some feedback about position, the first thing Jonas did was mount a video cam above the USB missile launcher. The next step was to polish up his Python skills and incorporate the libfreenect library for control.
Using his hands to position the USB missile launcher, Jonas can rotate the base unit, angle the barrel up or down and fire the launcher, all through his Kinect.
Video after the jump of Jonas shooting his brother[?]