Security Vulnerabilities in Device Driver Software: A Potential Threat
Security flaws in device driver software can represent a significant potential threat. However, Intel’s security experts disagree with this viewpoint.
In a recent study, Intel specialists conducted a search for security vulnerabilities in widely released device driver software for the Windows operating system. Concurrently, they also sought out dangerous code snippets that could exploit such security vulnerabilities. What Intel experts aimed for was to identify issues arising in kernel-level device drivers and malicious code that could allow hackers to gain full access to vulnerable systems.
The search yielded no results.
During a speech at the NetSec conference organized by the Computer Security Research Institute, David Schulhoff, a senior information security expert at Intel, stated, “It’s very difficult to find something truly useful because there simply aren’t many known vulnerabilities in Windows kernel-level device drivers.”
Security vulnerabilities in device driver software can pose a serious threat to computer security. Theoretically, hackers could exploit these vulnerabilities to gain complete access to vulnerable systems. However, Intel believes that the risk of attacks through these vulnerabilities is currently very low, as the number of such vulnerabilities known is limited, and hackers prefer easier-to-exploit security flaws.
Other security experts also agree with Intel’s perspective. “Vulnerabilities in device drivers are quite rare and much harder to exploit than user-mode vulnerabilities. If successfully exploited, vulnerabilities in device drivers often lead to denial-of-service attacks,” said Monty Ijzerman, Senior Director of the Global Threat Group.
However, recent security vulnerabilities in device drivers are attracting more attention. For instance, Microsoft is preparing to launch a tool that allows software developers to scan code for common security vulnerabilities. The primary reason for Microsoft’s concern is the potential serious impact such vulnerabilities could have on the Windows operating system.
The Windows operating system requires drivers to operate integrated or connected hardware devices. A flawed driver can cause numerous problems. For example, a bug in a kernel-level driver can lead to serious malfunctions, resulting in a “blue screen of death.”
Since kernel-level device drivers run with the highest level of privileges in Windows, security vulnerabilities within them can be highly advantageous to hackers. If one can successfully exploit a security flaw at the kernel level, you have the opportunity to become the “master” of that system, Schulhoff remarked.
Hoàng Dũng
