December 14th, 2007
HP confirms gaping backdoor on 82 laptop models
Computer maker Hewlett Packard has fessed up to a gaping security hole on more than 80 laptop models, warning that the backdoor could users at risk of drive-by code execution attacks.
An advisory from HP lists 82 laptop models as vulnerable to the ActiveX vulnerability found on the HP Info Center software. The issue is rated “critical” and HP laptop owners should be aware that public exploit code that provides a roadmap for exploiting the hole is circulating around the Internet.
A successful exploit simply requires that the laptop owner is lured to a malicious Web site while using Microsoft’s Internet Explorer. The risks include remote code execution, remote system registry read/write access and remote shell command execution.
It affects laptops running Windows 2000, Windows XP and Windows Vista.
[ SEE: There’s a hole in your laptop, dear HP, dear HP ]
The vulnerable ActiveX control is identified as HPInfoDLL.dll, which is marked as “Safe for Scripting” by default.
HP issued what could best be described as an interim patch that must be manually applied on vulnerable machines. It does not patch the vulnerability but instead disables the HP Info Center software.Instructions on applying the fix are available at the bottom of HP’s advisory.
ALSO SEE: Zero-day flaw haunts HP laptop models
Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.
For daily updates on Ryan's activities, follow him on Twitter.
Subscribe to Zero Day via Email alerts or RSS.
