LabVIEW

cancel
Showing results for 
Search instead for 
Did you mean: 

LabView vulnerability allows hackers to hack your computer


@mcduff wrote:

I am sure this is not the only vulnerability. 

 

See https://lavag.org/topic/19527-smash-call/

 

 


Trying not to get too far off topic, I believe this was fixed in VISA 16.0 and the person who reported it gets a shout out in the bug fix list for that version. I worked with them on an unrelated issue and they are a super smart/nice person.

Matt J | National Instruments | CLA
0 Kudos
Message 11 of 14
(754 Views)

Rolf,

 

I'm a co-founder of 0patch and I'd like to reply to your observations about our micropatch. Every micropatch is made for a specific executable module based on its cryptographic hash (not just the version, as technically it is possible to have two different modules with the same version). So while it's not seen in the source code, this particular micropatch was made for the 32-bit mgcore_SH_17_0.dll with version 17.0.0.49152, which was the current downloadable version last week. That said, when a module is replaced with an updated one, the micropatch automatically stops getting applies as the new module's hash is different.

 

Yes, we only made one micropatch, specifically for 32-bit LabVIEW 2017, as proof of concept. We'll be happy to port it to any other version by request.

 

Finally, 0patch works well with most antivirus products as it only does things that many security products also do (hooking).

 

I'll be happy to answer any additional questions or concerns.

 

Best regards,

Mitja Kolsek

0 Kudos
Message 12 of 14
(728 Views)

Hooovahh,

 

I'm a co-founder of 0patch and I'd like to reply to your observation about our blog post. The post was actually written *after* NI published their intent to provide a patch, and there is a mention of that with a link in the blog. We certainly did not mean to sound negative in any way; all of our effort at 0patch is aimed at improving the way vulnerabilities are getting fixed, and this can only be achieved with massive collaboration and consent. As our blog post states, this is not a huge vulnerability because it only benefits the attacker in case a LabVIEW user is suspicious about a VI file and wants to open it as a sub-VI to inspect its code (as recommended by NI's security best practices). We're nevertheless glad that NI is going to fix it.

 

Best regards,

Mitja Kolsek

0 Kudos
Message 13 of 14
(723 Views)

@MitjaKolsek wrote:

 

I'm a co-founder of 0patch ...


Thanks for coming here and contributing to the discussion. Only few users here are in your field of expertise and I am sure there will be more questions. (Today is a holiday in the US, so traffic is a bit slow :D)

0 Kudos
Message 14 of 14
(692 Views)