On Tuesday, a security researcher disclosed to Bugtraq, a public newsgroup, details of remote execution attacks on some models of Hewlett-Packard laptops. According to the researcher, who is using the name "porkythepig," flaws in HPInfoDLL.dll, one of the ActiveX controls used within the HP Info Center, could allow remote attackers to target the laptop and also execute registry changes on the compromised machine.
As of Wednesday, HP has not offered a response.
The scenario within the disclosure suggests that an attacker could lure a victim to a specially created Web site. When viewing the Web site in … Read more