Dear Valued Sony Customer,
Sony has recently identified a software vulnerability involving a buffer overflow in the network connection software installed on certain VAIO personal computers. A security update for this issue has been released and Sony recommends that all customers who have Affected Models immediately install the update.
VAIO personal computers that have one of the following programs preinstalled.
- VAIO PC Wireless LAN Wizard version 1.0
- VAIO Wireless Wizard version 1.00, 1.00_64, 1.0.1, 2.0, or 3.0
- SmartWi Connection Utility version 4.7, 4.7.4, 4.8, 4.9, 4.10, or 4.11
The vulnerability could potentially allow arbitrary code to run on the Affected Models when browsing a web-site made by a malicious attacker.
Note: There have been no reported instances of this vulnerability being exploited as of January 5, 2012.
Sony has released a security update for the Affected Models that resolves this issue. Sony recommends that all customers who have Affected Models immediately install the latest version of the software by using VAIO Update.
Note: If you are using the default VAIO Update settings the update will be installed automatically.
The update program is also available for download.
Sony would like to thank High-Tech Bridge SA Security Research Lab for reporting this issue and working with Sony to help protect our customers.