Homeland Security: Disable UPnP, as tens of millions at risk
Summary: The U.S. government is warning to disable a common networking feature after bugs have left tens of millions of hardware devices vulnerable to attacks by hackers and malware.
By Zack Whittaker for Zero Day | January 29, 2013 -- 21:03 GMT (13:03 PST)
8Comments
0 Votes
The U.S. Department of Homeland Security is next in line to warn of a serious threat to networking devices, such as scanners and printers, computers and routers.
(Credit: Homeland Security) It comes only a few hours after a white paper was released by security researchers at Rapid7, which claimed that approximately 40 to 50 million devices worldwide are vulnerable to infiltration by hackers as a result of a flaw in a networking protocol.
UPnP, or Universal Plug and Play, allows devices that connect to networks, to communicate seamlessly with one another and discover each other's presence. Devices can then connect over a network to share files, print documents, and access other shared resources.
But now Homeland Security is concerned that the vulnerability could impact millions of machines, and warns users to update their software or disable UPnP altogether.
The trouble is for many, operating system makers—such as Apple and Microsoft—must create hotfixes or patches. The researchers already noted that over 1,500 vendors and 6,900 products identified were vulnerable to at least one of the flaws, including from vendors such as Belkin, D-Link, Linksys, and Netgear.
Read this
Millions of PCs exposed through network bugs, security researchers find
"Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices," the U.S. Computer Emergency Readiness Team (US-CERT) said in a note published today.
"US-CERT recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities."
It is understood from Rapid7's findings that there are numerous bugs with the protocol, which could ultimately put at risk tens of millions of networked devices—especially those connected directly to the Internet.
It then warns to "disable UPnP (if possible)," along with restricting networking protocols and ports, including Simple Service Discovery Protocol (SSDP) and Simple Object Access Protocol (SOPA) services from untrusted networks, including the Internet.
The risk is that hackers could "execute arbitrary code on the device or cause a denial of service," or in other words: install malware on your computer and/or run it as part of a botnet.
Read this
Homeland Security warns to disable Java amid zero-day flaw
Along with this, hackers could access confidential documents, steal usernames and passwords, take over PCs, and remotely access networked devices, such as webcams, printers, televisions, security systems, and other devices plugged in or wireless connected to networks.
Most networking devices in fact use UPnP, including computers running Windows, Apple's OS X, and Linux. Many mobile devices also use UPnP to print to wireless or networked printers.
It's rare for the U.S. government to actively warn to disable software or a feature. That said, it comes only a fortnight after Homeland Security actively warned users to disable Java software, after a serious vulnerability was found that could have allowed hackers or malware writers to remotely execute code, if a rigged Web site was visited.
Summary: The U.S. government is warning to disable a common networking feature after bugs have left tens of millions of hardware devices vulnerable to attacks by hackers and malware.
By Zack Whittaker for Zero Day | January 29, 2013 -- 21:03 GMT (13:03 PST)
8Comments
0 Votes
inShare
more +The U.S. Department of Homeland Security is next in line to warn of a serious threat to networking devices, such as scanners and printers, computers and routers.
UPnP, or Universal Plug and Play, allows devices that connect to networks, to communicate seamlessly with one another and discover each other's presence. Devices can then connect over a network to share files, print documents, and access other shared resources.
But now Homeland Security is concerned that the vulnerability could impact millions of machines, and warns users to update their software or disable UPnP altogether.
The trouble is for many, operating system makers—such as Apple and Microsoft—must create hotfixes or patches. The researchers already noted that over 1,500 vendors and 6,900 products identified were vulnerable to at least one of the flaws, including from vendors such as Belkin, D-Link, Linksys, and Netgear.
Read this
Millions of PCs exposed through network bugs, security researchers find
"Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices," the U.S. Computer Emergency Readiness Team (US-CERT) said in a note published today.
"US-CERT recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities."
It is understood from Rapid7's findings that there are numerous bugs with the protocol, which could ultimately put at risk tens of millions of networked devices—especially those connected directly to the Internet.
It then warns to "disable UPnP (if possible)," along with restricting networking protocols and ports, including Simple Service Discovery Protocol (SSDP) and Simple Object Access Protocol (SOPA) services from untrusted networks, including the Internet.
The risk is that hackers could "execute arbitrary code on the device or cause a denial of service," or in other words: install malware on your computer and/or run it as part of a botnet.
Read this
Homeland Security warns to disable Java amid zero-day flaw
Along with this, hackers could access confidential documents, steal usernames and passwords, take over PCs, and remotely access networked devices, such as webcams, printers, televisions, security systems, and other devices plugged in or wireless connected to networks.
Most networking devices in fact use UPnP, including computers running Windows, Apple's OS X, and Linux. Many mobile devices also use UPnP to print to wireless or networked printers.
It's rare for the U.S. government to actively warn to disable software or a feature. That said, it comes only a fortnight after Homeland Security actively warned users to disable Java software, after a serious vulnerability was found that could have allowed hackers or malware writers to remotely execute code, if a rigged Web site was visited.