HP confirms gaping backdoor on 82 laptop models

Computer maker Hewlett Packard has fessed up to a gaping security hole on more than 80 laptop models, warning that the backdoor could users at risk of drive-by code execution attacks.

An advisory from HP lists 82 laptop models as vulnerable to the ActiveX vulnerability found on the HP Info Center software. The issue is rated “critical” and HP laptop owners should be aware that public exploit code that provides a roadmap for exploiting the hole is circulating around the Internet.

A successful exploit simply requires that the laptop owner is lured to a malicious Web site while using Microsoft’s Internet Explorer. The risks include remote code execution, remote system registry read/write access and remote shell command execution.

It affects laptops running Windows 2000, Windows XP and Windows Vista.

HP confirms gaping backdoor on 82 laptop models | Ryan Naraine’s Zero Day | ZDNet.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s