New Realtek HD Audio Drivers (ver. 1.91 22 April 2008)

[Cal Bear '66]

New Realtek HD Audio Drivers (ver. 1.91 22 April 2008):


http://www.realtek.com.tw/downloads...=24&Level=4&Conn=3&DownTypeID=3&GetDown=false


Add/Fix
1.) Driver :
1. Fix DTM 1.2 KS topology test fail issue.
2. Customizations.


NOTE: There is now a disclaimer before you can download the drivers that it is
best to obtain new drivers from your computer/motherboard manufacturer since
they may have made customizations to their hardware; although, I personally have
never had a problem with the drivers downloaded directly from the Realtek site.


I Bleed Blue and Gold
GO BEARS!

 

[peter c.a.hawkins]

Hello ,Are you finding that the HD icon does not load in the taskbar?

 

[Cal Bear '66]

No, the Realtek HD Audio Manager red speaker icon always seems to load on every
reboot here.


I Bleed Blue and Gold
GO BEARS!

 

[MowGreen [MVP]]

And now, for the bad

Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation


:: Non-Technical Description

Realtek HD Audio Codec Drivers are prone to a local privilege escalation due to insufficient validation of user-mode buffers. Successful exploitation grants SYSTEM privileges to authenticated users, no special privileges are required to exploit the flaw.

A malicious attacker can take advantage of these flaws to elevate privileges in the following forms:

1. Creating, reading or writing arbitrary registry keys.
2. Overwriting arbitrary kernel addresses.


:: Files affected

RTKVHDA.sys < 6.0.1.5605 (32-bit) Windows Vista
RTKVHDA64.sys (signed) < 6.0.1.5605 (64-bit) Windows Vista

:: Credits

Vulnerability discovered and researched by Ruben Santamarta.

:: Disclosure Timeline

04/02/2008 - Realtek contacted
04/23/2008 - Flaw fixed. Public Disclosure.

:: Technical details - Original Advisory

http://www.wintercore.com/advisories/advisory_W010408.html

RTKVHDA.sys and RTKVHDA64.sys V.6.0.1.5605 are in that updated driver
package. Did they post a Disclaimer for the vulnerability ?

Caveat emptor !

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

 

[peter c.a.hawkins]

How strange,mine will not load .it only appears if i click on hd manager in
the control panel.not to worry.

 

[TomV]

Hi, Mow,

I'm reading the wintercore site as indicating the versions prior to this
release are vulnerable. If you look in #6 Products Affected, they're
using the symbol less than (<) before the release number. I'm assuming
6.01.5605 is the fixed release.

Tom

And now, for the bad

Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation


:: Non-Technical Description

Realtek HD Audio Codec Drivers are prone to a local privilege
escalation due to insufficient validation of user-mode buffers.
Successful exploitation grants SYSTEM privileges to authenticated
users, no special privileges are required to exploit the flaw.

A malicious attacker can take advantage of these flaws to elevate
privileges in the following forms:

1. Creating, reading or writing arbitrary registry keys.
2. Overwriting arbitrary kernel addresses.


:: Files affected

RTKVHDA.sys < 6.0.1.5605 (32-bit) Windows Vista
RTKVHDA64.sys (signed) < 6.0.1.5605 (64-bit) Windows Vista

:: Credits

Vulnerability discovered and researched by Ruben Santamarta.

:: Disclosure Timeline

04/02/2008 - Realtek contacted
04/23/2008 - Flaw fixed. Public Disclosure.

:: Technical details - Original Advisory

http://www.wintercore.com/advisories/advisory_W010408.html

RTKVHDA.sys and RTKVHDA64.sys V.6.0.1.5605 are in that updated driver
package. Did they post a Disclaimer for the vulnerability ?

Caveat emptor !

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

 

[MowGreen [MVP]]

You are correct, Tom. That bracket does indicate lesser versions of the
drivers for Vista are vulnerable :

04/02/2008 - Realtek contacted

04/23/2008 - Flaw fixed. Public Disclosure.

The Public Disclosure was one day after Realtek put out the latest
drivers. So, if anyone is reading this and has the *older, vulnerable*
versions installed ... go get them here:
http://www.realtek.com.tw/downloads...=24&Level=4&Conn=3&DownTypeID=3&GetDown=false

Cal Bear '66 to the rescue ... away.

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

Hi, Mow,

I'm reading the wintercore site as indicating the versions prior to this
release are vulnerable. If you look in #6 Products Affected, they're
using the symbol less than (<) before the release number. I'm assuming
6.01.5605 is the fixed release.

Tom

<snip>

 

[TomV]

Check if resetting the icon to display fixes the icon loading. Open the
HD Audio Manager and click the information icon. Toggle the setting
to Display icon in the notification area.

 

[DarkSentinel]

And now, for the bad

RTKVHDA.sys and RTKVHDA64.sys V.6.0.1.5605 are in that updated driver
package. Did they post a Disclaimer for the vulnerability ?

Caveat emptor !

While not related to this particular issue, there are a couple of other
issues to be aware of here too. Loading Logitech's SetPoint software will
sometimes break the driver. A driver reinstall will fix this issue. Also,
for those that run SAM Broadcaster, the last version of the Realtek drivers
will sometimes kill the output. SAM must be completely uninstalled, and
reinstalled from scratch. Would pretty much advise that unless the update
fixes issues that are currently being experienced to stay with what is
working.