Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
  • Go

HP Laptops Plagued With Multiple Zero-day Vulnerabilities

Almost 24 various notebook models retailed by Hewlett-Packard Co. (HP) shipped with a software affected by numerous zero-day flaws, security experts declared on December 12, 2007, as reported by COMPUTERWORLD on December 12, 2007.

The glitches are in an ActiveX control incorporated within the HP Info Center program preloaded on both Hewlett-Packard and Compaq-Presario brands of notebooks operating Server 2003, Vista, Windows 2000, and XP, informed Symantec Corp. in a message to the users of its DeepSight threat management system.

As per a caution placed on Milw0rm.com, the trouble originates from the HP Info Center code that exists as a default option on majority of the HP laptops. It seems that an ActiveX control, to be precise HPInfoDLL.dll, employs three vulnerable techniques that would permit cyber-terrorists to control the computer and begin strikes based on the exploitation of remote code process and remote registry. Though the Web browser of Microsoft is very insecure, but the same type of assault is supposedly unsuccessful against Safari, Firefox or Opera.

Every cyber criminal will often start with an endeavor to tempt a remote client having an insecure computer to open the hacker operated web link. Whenever the target uses a browser other than Internet Explorer (IE), the hacker tries to persuade him/her to click open the malevolent site from IE only. Afterwards, hacking follows automatically, without any contact with the target, notified the advisory reported on December 12, 2007 by PORTALIT.

The individual who detected the flaw and is known as 'porkythe pig' alleged that the ActiveX control has been dispatched with 23 other laptops and it has been proven to be executing the faulty control.

The cyber-terrorist ('porkythe pig') also took a stab at HP through the e-mails on Bugtraq and milw0rm.com. The firm is caught up in the battle for security software patents, and should pay greater attention towards customers' security instead of raking profits from the rights to the creation of the group, remarked porkythepig, reported COMPUTERWORLD on December 12, 2007.

HP for the second consecutive time in 2007 has encountered security problems with software that comes with its notebooks.

Related article: Heavy Spamming of PDF malware in October

ยป SPAMfighter News - 26-12-2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next