Posted by - Bobb - on January 6, 2008, 10:24 am
maybe try:
comp.sys.hp.hardware
>
> Does anyone know more about this? What is "HP Software Updates
> application" and does just turning it off unless needed protect us, if
> my reading is correct.
>
> I have an N610C and by pure dumbness on my part, I've lost the BIOS
> password. I'm not going to fool with BIOS upgrades on this old
> machine.
>
> http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818&intsrc=hm_list
>
>
> 'Bricking' bug threatens most HP, Compaq laptops
>
> December 20, 2007 (Computerworld) The hacker who posted an exploit
> last week that threatened a large swath of Hewlett-Packard Co.'s
> laptop lineup followed up yesterday with new attack code that can
> "brick" nearly every HP laptop.
>
> In a post to the milw0rm.com Web site Wednesday, a Polish security
> researcher who used the alias "porkythepig" spelled out a pair of
> vulnerabilities in an ActiveX control used by HP's Software Update,
> the patch management program bundled with virtually every HP- and
> Compaq-branded laptop.
>
> According to porkythepig's post, the Software Update bugs let an
> attacker corrupt Windows' kernel files, making the laptop unbootable,
> or with a little more effort, allow hacks that would result in a PC
> hijack or malware infection. In either case, a drive-by attack could
> be conducted by feeding users an e-mail message with a link to a
> malicious Web site.
>
> "Every HP notebook machine containing the HP Software Updates
> application is vulnerable," claimed porkythepig. "It is possible that
> the vulnerable machine model list disclosed by the vendor as a
> confirmation to the previous issue concerning HP laptops, [the] HP
> Info Center case, will be similar in this case."
>
> Last week, porkythepig disclosed multiple flaws in other software
> included with HP's portables. When the company patched the
> vulnerabilities a day later, it listed 83 affected laptops.
>
> The scenario in which an attacker overwrites the kernel and thus
> "bricks" the HP or Compaq notebook, was out of the ordinary, since most
> hacks aim to snatch control of the machine or infect it with
> identity-stealing malware. But the crippling attack, said porkythepig,
> is actually the simpler of the two. "This attack vector doesn't require
> any additional victim social engineering, because the system files are
> always placed in the predictable locations," he said.
>
> A drive-by attack that hopes to execute rogue code, however, requires
> more work. To successfully exploit the ActiveX bug in Software Update
> and compromise the computer, the hacker needs to know the location of
> certain files.
>
> The researcher said he had tested the exploit code on Windows 2000,
> XP, Server 2003 and Vista, and that the vulnerabilities pose a risk to
> any user with either Internet Explorer 6 (IE6) or IE7 on the PC. Nor
> will HP be able to use the down-and-dirty fix it deployed last week,
> said porkythepig. After he revealed several bugs in HP's Info Center a
> week ago, HP issued an update that simply disabled the vulnerable
> software.
>
> "Simple disabling of the vulnerable control by the vendor's patch,
> like in the other HP software vulnerability case, HP Info, [could
> still] result in the machine['s] software update system [being]
> compromised, and would leave the user vulnerable to future security
> issues," porkythepig said in the milw0rm.com write-up.
>
>