HP customers vulnerable to software update tool flaw

Several flaws in HP Software Update could allow an attacker to read system information or gain access to a machine.

A dangerous flaw in Hewlett-Packard Software Update, a tool that automatically updates HP software and drivers, could be exploited by an attacker to read sensitive information or gain access to a system.


The tools contain several ActiveX flaws that could be exploited by tricking Internet Explorer users into visiting a malicious website.

Danish vulnerability clearinghouse Secunia gave the threat a "highly critical" rating in its Secunia SA29966 advisory. Secunia said the potential exposure of system and other sensitive information as well as remote system access warranted the rating.

The vulnerabilities are reported in versions 4.000.009.002 and prior. HP has issued an advisory and an update for the tool to plug the holes. HP said the Software Update tool is often installed as part of software supplied with its PCs, printers, scanners or cameras.

The flaws were discovered by security researcher Tan Chew Keong. Specifically, the tool has an ActiveX control flaw that could be exploited by an attacker to cause a stack-based buffer overflow. Keong said the flaws were discovered in March.

"Successful exploit requires that the user is tricked into visiting a malicious website using IE6 or earlier," Keong said in a vuln.sg research advisory. "If the user uses IE7, he must first be convinced into allowing the ActiveX control to run."

A second ActiveX flaw could be exploited to read registry entries or text files. After successfully exploiting the flaw, an attacker could also retrieve system and OS information, Secunia said.
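For administrators who cannot roll out HP's update immediately, the standard Internet Explorer mitigation for a vulnerable ActiveX control is the "kill bit": IE refuses to instantiate any control whose CLSID has bit 0x400 set in `Compatibility Flags` under the `ActiveX Compatibility` registry key. The PowerShell below is an added example written for this article, not code from HP, Secunia or the researcher; it checks an installed version against the affected range the article names (4.000.009.002 and prior) and audits or sets the kill bit. The CLSID is a placeholder, because the article does not give it; take the real value from HP's or Secunia's advisory.

```powershell
# Added example (not from the article, HP or Secunia): version check plus
# kill-bit audit/set for an ActiveX control in Internet Explorer.

# ASSUMPTION: placeholder CLSID. The article does not give the control's CLSID;
# substitute the value from the vendor or Secunia advisory.
$HpUpdateClsid = '{00000000-0000-0000-0000-000000000000}'   # PLACEHOLDER

# Last affected release as stated in the article; [version] parses the
# zero-padded components as 4.0.9.2.
$LastAffectedVersion = [version]'4.000.009.002'

function Test-AffectedVersion {
    param([Parameter(Mandatory)][string]$InstalledVersion)
    # $true when the installed build is 4.000.009.002 or earlier.
    return ([version]$InstalledVersion -le $LastAffectedVersion)
}

function Get-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    # IE treats bit 0x400 of "Compatibility Flags" under this key as the kill bit.
    $key = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    return [bool]($flags -band 0x400)
}

function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    # Creates the key if needed and ORs in the kill bit; requires an elevated shell.
    $key = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    $new = ([int]$existing) -bor 0x400
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
}

# Usage: the version string here is constructed for illustration; read the real
# one from the installed HP Software Update binary or its uninstall entry.
if (Test-AffectedVersion -InstalledVersion '4.000.009.002') {
    Write-Host "HP Software Update is in the affected range; apply HP's update."
}
if (-not (Get-ActiveXKillBit -Clsid $HpUpdateClsid)) {
    Write-Host "Kill bit is not set for $HpUpdateClsid"
    # Set-ActiveXKillBit -Clsid $HpUpdateClsid   # run from an elevated session
}
```

On a 64-bit Windows installation the 32-bit IE process reads the same key under `HKLM:\SOFTWARE\Wow6432Node\...`, so set the kill bit in both locations. The kill bit only stops IE from loading the control; it is a stopgap until HP's updated tool is installed, since the vulnerable code remains on disk.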
