HP laptops contain ActiveX bugs

By

A number of Hewlett-Packard notebook models are vulnerable to an ActiveX attack that could permit a hacker to execute malicious code.

HP laptops contain ActiveX bugs
A security researcher using the handle porkythepig said in a post today on Milw0rm that the unpatched vulnerability rests in the HP Info Center, pre-installed software that provides system information and is shipped with all HP laptops, mostly its Compaq models.

The researcher posted proof-of-concept code for the attack.

One of [the software's] ActiveX controls deployed by default by the vendor has three insecure methods that allow a malicious person to target the HP notebook machines for a remote code execution and remote registry manipulation-based attacks,” the researcher wrote.

If a victim is duped into visiting a malicious webpage, the attacker could take advantage of vulnerable ActiveX control – HPInfoDLL.dll – which could fire off the exploit.

If the victim goes to a vulnerable website, the website can invoke the ActiveX control and possibly download a trojan or a backdoor or a keylogger on the machine,” Amol Sarwate, director of the vulnerability research lab at Qualys, told SCMagazineUS.com

About 15 different series of HP and HP Compaq notebooks are affected by the bug, according to the Milw0rm post. The machines are widely used in businesses, Sarwate said.

In lieu of a patch, users should set the kill-bit for the affected ActiveX control, according to an advisory today from Secunia, which rated the vulnerability “highly critical.” Users should also avoid visiting untrusted websites, Sarwate said.

An HP spokesperson did not respond to a request for comment.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?