dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
357

OldNavyGuy
join:2018-07-24
Newberg, OR

8 recommendations

OldNavyGuy

Member

Windows PCs Exposed to Attacks by Critical HP Support Assistant Bugs

Several critical HP Support Assistant vulnerabilities expose Windows computers to remote code execution attacks and could allow attackers to elevate their privileges or to delete arbitrary files following successful exploitation.

HP PSIRT partially patched the vulnerabilities in December 2019 after receiving an initial disclosure report from Demirkapi during October 2019.

Another patch was issued in March 2020 after the researcher sent an updated report in January to patch one of the flaws that was left untouched previously and to fix a newly introduced one.

However, HP failed to patch three of the local privilege escalation vulnerabilities which means that even if you are using the latest HP Support Assistant version, you are still exposed to attacks.


»www.bleepingcomputer.com ··· nt-bugs/

therube
join:2004-11-11
Randallstown, MD

4 recommendations

therube

Member

Am I getting this correctly?
For the Locals, you are local to the machine & running the exploit (from a non-Admin account), giving you Admin access.
And if that's the case, that's not going to be a particular concern to a "regular" person, I wouldn't think.

So if I have a "guest" account on my machine, & someone is using that guest account, they don't have access to "my" account, my files.
But then run this exploit, & then they do.
OK.
Perhaps not wanted, but it's also not coronavirus.

So I disable guest & I don't allow others to have physical access...

Now the fact that HP's crapware is bug ridden, has been bug ridden, that's a different story.
And much like coronavirus & its response, it shows you where HP's priorities are.

Phoenix22
Death From Above
Premium Member
join:2001-12-11
SOG C&C Nrth

Phoenix22 to OldNavyGuy

Premium Member

to OldNavyGuy
sorry i trampled.......gettin' older........
jd

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

5 recommendations

Snowy to therube

Premium Member

to therube
said by therube:

Am I getting this correctly?
For the Locals, you are local to the machine & running the exploit (from a non-Admin account), giving you Admin access.
And if that's the case, that's not going to be a particular concern to a "regular" person, I wouldn't think.

The prerequisite of having a rogue user on the system is the real issue.
Addressing each and every possible abuse a rogue user can accomplish is a waste of time, especially considering if a group of vulnerabilities are defeated you've still got the original problem of a rogue user.
said by therube:

Now the fact that HP's crapware is bug ridden, has been bug ridden, that's a different story.

No, that is the story.
IMO, I got the clear impression that despite the extended details of each abuse the intent was to highlight HP's piss poor process management from inception to deployment.