said by therube:Am I getting this correctly?
For the Locals, you are local to the machine & running the exploit (from a non-Admin account), giving you Admin access.
And if that's the case, that's not going to be a particular concern to a "regular" person, I wouldn't think.
The prerequisite of having a rogue user on the system is the
real issue.
Addressing each and every possible abuse a rogue user can accomplish is a waste of time, especially considering if a group of vulnerabilities are defeated you've still got the original problem of a rogue user.
said by therube:Now the fact that HP's crapware is bug ridden, has been bug ridden, that's a different story.
No, that
is the story.
IMO, I got the clear impression that despite the extended details of each abuse the intent was to highlight HP's piss poor process management from inception to deployment.