Important Notice to Sony VAIO Personal Computer Owners with Intel Wireless LAN Device : Security Notices : Sony Asia Pacific

Security vulnerabilities have been identified in the Intel® 2200BG and 2100 PRO/Wireless Network Connection Hardware. Sony is now investigating this issue and expediting the update program verification. Although Sony has not received any report from customers, as it involves a security issue, we would like to take it seriously and provide the up-to-date information and present countermeasures to remedy this issue.

Description of Symptom

For the Intel® 2200BG PRO/Wireless Network Connection Hardware:

Intel® Centrino Wireless Driver Malformed Frame Remote Code Execution (CS-023065)

Intel® PRO/Wireless 2200BG Network Connection (ver.9.0.4.16~10.5)
Intel® PRO/Wireless 2915ABG Network Connection (ver.9.0.4.16~10.5)

Security vulnerabilities exist in the Intel® 2200BG PRO/Wireless Network Connection Hardware, which could potentially be exploited by attackers within range of the Wi-Fi station to execute arbitrary code on the target system with kernel-level privileges. This symptom is due to a memory corruption while passing certain frames.

For the Intel® 2100 PRO/Wireless Network Connection Hardware:

Intel® Centrino Wireless Driver Malformed Frame Privilege Escalation(CS-023067)

Intel® PRO/Wireless 2100 Network Connection (ver.1.2.4.37~7.1.4.6)

This symptom is due to a memory corruption while handling requests from higher-level protocol drivers or users-level applications.

*Intel® Announcement:

http://support.intel.com/support/wireless/wlan/sb/cs-023068.htm

For further details:

http://support.intel.com/support/wireless/wlan/sb/cs-023065.htm

http://support.intel.com/support/wireless/wlan/pro2100/sb/CS-023067.htm

Affected VAIO Model

VAIO Personal Computer released from 2003 1Q to 2006 3Q with Intel® Wireless LAN device built-in(Some of them are equipped with non-affected Wireless LAN Device).

VAIO™ Notebook

Additional Resource