Windows 7 IPv6 flaw requires local access
Businesses migrating to IPv6 need to evaluate IT configuration to ensure systems are secure while they run the new protocol.
By Max BurkhalterAugust 30, 2011
Barracuda Labs has found a flaw in the way that Windows 7 handles IPv6, says a report by ZDNet. The research company contends that hackers could use the flaw to crash computers. Microsoft has acknowledged and documented the security hole, but has no plans to patch it in a security update right now because exploiting the flaw requires local network access.
According to Barracuda Labs, a hacker would have to make a targeted denial-of-service attack to take advantage of the vulnerability. However, a breach could cause failure in a PC's network connectivity, applications and sound system.
Barracuda Labs researcher Thomas Unterleitner says told the news source the vulnerability lies in the way Windows 7's remote procedure call function handles malformed Dynamic Host Configuration Protocol DHCPv6 requests. DHCPv6 is a component of IPv6. The protocol is the automatic configuration code that lets servers allocate IP addresses to clients at start-up.
"To exploit this vulnerability, an attacker would need to intercept DHCPv6 traffic," adds Unterleitner. "Once a DHCPv6 request has been intercepted, the corresponding reply would have to be modified to contain the malformed Domain Search List option. On reception of this malformed packet, RPC on the remote machine would fail. Exploiting this vulnerability would cause the RPC service to fail, losing any RPC-based services, as well as the potential loss of some COM functions."
The research lab confirmed the DHCPv6 flaw on both 32-bit and 64-bit versions of Windows 7 Ultimate with Service Pack 1, and stated that it was "very likely" that other versions of Windows 7, and possibly earlier versions of Windows, are also at risk.
After Barracuda Labs warned Microsoft of the flaw, the company replied late last month, saying that it had replicated the issue. Still, Microsoft said that executing a man-in-the-middle attack or establishing a rogue DHCPv6 server to exploit the vulnerability would require local access, so the security hole would be fixed in the next version of Windows, says the ZDNet report.
The switch to IPv6 will not make networks more secure or more vulnerable to attack in and of itself, according to a report by Light Reading. The report makes reference to industry experts who have studied IPv6 security issues. However, they caution owners and operators to test equipment and to ensure that security features are working properly. Otherwise networks could be left vulnerable during and after the transition to IPv6.
According to Barracuda Labs, a hacker would have to make a targeted denial-of-service attack to take advantage of the vulnerability. However, a breach could cause failure in a PC's network connectivity, applications and sound system.
Barracuda Labs researcher Thomas Unterleitner says told the news source the vulnerability lies in the way Windows 7's remote procedure call function handles malformed Dynamic Host Configuration Protocol DHCPv6 requests. DHCPv6 is a component of IPv6. The protocol is the automatic configuration code that lets servers allocate IP addresses to clients at start-up.
"To exploit this vulnerability, an attacker would need to intercept DHCPv6 traffic," adds Unterleitner. "Once a DHCPv6 request has been intercepted, the corresponding reply would have to be modified to contain the malformed Domain Search List option. On reception of this malformed packet, RPC on the remote machine would fail. Exploiting this vulnerability would cause the RPC service to fail, losing any RPC-based services, as well as the potential loss of some COM functions."
The research lab confirmed the DHCPv6 flaw on both 32-bit and 64-bit versions of Windows 7 Ultimate with Service Pack 1, and stated that it was "very likely" that other versions of Windows 7, and possibly earlier versions of Windows, are also at risk.
After Barracuda Labs warned Microsoft of the flaw, the company replied late last month, saying that it had replicated the issue. Still, Microsoft said that executing a man-in-the-middle attack or establishing a rogue DHCPv6 server to exploit the vulnerability would require local access, so the security hole would be fixed in the next version of Windows, says the ZDNet report.
The switch to IPv6 will not make networks more secure or more vulnerable to attack in and of itself, according to a report by Light Reading. The report makes reference to industry experts who have studied IPv6 security issues. However, they caution owners and operators to test equipment and to ensure that security features are working properly. Otherwise networks could be left vulnerable during and after the transition to IPv6.
