Device Drivers Filled with Flaws, Threaten Security
Source: SecurityFocus - Posted by Benjamin D. Thomas   
Host Security Operating system vendors and hardware makers should commit more resources toward systematically auditing Windows and Linux device-driver code for flaws, security researchers say. While buffer overflows, a type of memory flaw that can lead to serious vulnerabilities, are quickly being eradicated in critical applications, the flaws are still easily found in device drivers, said David Maynor, a research engineer for Internet Security Systems' X-Force vulnerability analysis group.

"If you look through the device driver code, there are a lot of problems," he said in a recent interview. "The state of the code's security is not strong." During a few hours on a recent plane flight, for example, Maynor found more than a dozen glitches in several Windows XP drivers.

Read this full article at SecurityFocus

Only registered users can write comments.
Please login or register.

Powered by AkoComment!