Jump to content
Login new information ×
Login new information
  • Software News

    Linux removing an outdated, insecure Microsoft USB network protocol that's still on Windows

    Karlston

    By Karlston,
    Published Date:

    • 542 views
    • 2 minutes
     Share
    • 542 views
    • 2 minutes

    Greg Kroah-Hartman, a Fellow at The Linux Foundation, looks ready to finally disable USB RNDIS protocol drivers once and for all. Interestingly, Hartman has had wanted to remove the RNDIS bits from Linux for some time now as the initial proposal was made back in November 2022 on the 23rd.

     

    Now, just over two years later on 23 December 2024, the commit has finally been pushed again. In the message accompanying it, Hartman explained how this ancient Windows XP-era Microsoft protocol is no longer necessary and it also makes the system insecure and vulnerable to threats. He wrote:

     

    USB: disable all RNDIS protocol drivers

     

    The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all rndis drivers to prevent anyone from using them again. Windows only needed this for XP and newer systems, Windows systems older than that can use the normal USB class protocols instead, which do not have these problems. Android has had this disabled for many years so there should not be any real systems that still need this.

    You can find the commit here on the LKML public inbox.

     

    For those who may not be familiar, the RNDIS or Remote Network Driver Interface Specification is a bus-independent message protocol for Ethernet (IEEE 802.3) network devices on dynamic Plug and Play (PnP) buses like the USB, 1394, Bluetooth, and InfiniBand. This standardized approach means that a set of host drivers can support any number of networking devices via the USB.

     

    As mentioned above, Microsoft debuted the spec back in the Windows XP days and it is still present on the still supported Windows 10 and Windows 11, including on the latest version, 24H2. Fortunately, though, the RNDIS driver does not automatically install on Windows 10 and 11.

     

    If you are curious, Windows 11 24H2 supports NDIS version 6.89.

     

    Source

    Hope you enjoyed this news post.

    Thank you for appreciating my time and effort posting news every day for many years.

    News posts... 2023: 5,800+ | 2024: 5,700+

    RIP Matrix | Farewell my friend  :sadbye:

    • phen0men4, Asim and wbswe14
    • Like 3
     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...