A friend of mine needed a wireless PCMCIA adapter to connect his notebook to his wireless-g network. I recommended the WPC54G based on the quality reputation of Linksys.
He ordered one a few days ago and received a WPC54G v5. I downloaded the driver and noticed that it is a Broadcom driver in which a known exploit exists. This exploit, released back in November 2006 allows an attacker to take total control of the computer in which the WPC54G is installed.
The thing is, Broadcom fixed the exploit long ago and gave the new code to Linksys. Linksys only needs to pass on this driver to its customers.
Here we are, seven months after the exploit was released and Linksys has chosen not to release a non-exploitable driver for this card. I could kind of understand abandoning a discontinued product, but this card was just purchased days ago.
Is it too much to ask that a product purchased today not be vulnerable to a known exploit that has existed for seven months?
For information about the exploit: http://blogs.zdnet.com/Ou/?p=365
The WPC54G v2, v4 and v5 are based on Broadcom chipsets. FYI!
WPC54G v5, for instance, is Marvell-based. Linksys just forgot to prune unnecessary files (like broadcom and texas instruments drivers) from the driver download packages. (sorry bout my previous post, consider that bad info)
Message Edited by Frank on 07-17-200708:22 PM
________________ Frank "I will graduate on time, no matter how long it takes"
Well it makes sense to me now! I just hung up with Linkys technical support and the pre-tech screener I spoke to, said my WMP 54 GS was no longer under warranty and it would cost me $32.99 to speak to their technical support. She said they would help me download the needed drivers. I hung up in frustration. I've had better results and service with my SMC wireless products. I think I am finished with Linksys.