December 12, 2007 10:45 AM PST

Some HP laptops exposed to criminal hacking

by Robert Vamosi

On Tuesday, a security researcher disclosed to Bugtraq, a public newsgroup, details of remote execution attacks on some models of Hewlett-Packard laptops. According to the researcher, who is using the name "porkythepig," flaws in HPInfoDLL.dll, one of the ActiveX controls used within the HP Info Center, could allow remote attackers to target the laptop and also execute registry changes on the compromised machine.

As of Wednesday, HP has not offered a response.

The scenario within the disclosure suggests that an attacker could lure a victim to a specially created Web site. When viewing the Web site in Internet Explorer, the ActiveX control within the HP Info Center could be compromised. If the victim uses a browser other than Internet Explorer, the browser would still call Internet Explorer to handle the ActiveX component on the specially created Web site.

Once a machine is compromised, an attacker could then install malware, change registry information in preparation for a more sophisticated attack, use the machine in a denial-of-service attack on itself or another target, or steal sensitive data from documents on the compromised machine.

A list of potentially vulnerable HP laptop models can be found in the full disclosure posted on BugTraq. To see whether your particular HP laptop is vulnerable, the researcher also provided a Web site (use this link at your own risk).
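The article names the vulnerable control (HPInfoDLL.dll) but not its CLSID. The standard defensive measure for a vulnerable ActiveX control is Internet Explorer's "kill bit", which stops IE from instantiating the control regardless of which browser handed off to it. The PowerShell below is an added example, not code from the article or from HP: it reports and, in an elevated shell, sets the kill bit for a CLSID, and the CLSID value is a placeholder that must be replaced with the one from the Bugtraq disclosure.

```powershell
# Registry locations Internet Explorer consults for ActiveX kill bits.
# The Wow6432Node path covers 32-bit IE on 64-bit Windows.
$KillBitRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)
# Bit in "Compatibility Flags" that tells IE never to load the control.
$KillBitFlag = 0x400

function Get-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)   # e.g. '{00000000-0000-0000-0000-000000000000}'
    foreach ($root in $KillBitRoots) {
        $key = Join-Path $root $Clsid
        $flags = $null
        if (Test-Path $key) {
            $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                      -ErrorAction SilentlyContinue).'Compatibility Flags'
        }
        [pscustomobject]@{
            Key     = $key
            KillBit = [bool]([int]$flags -band $KillBitFlag)
            Flags   = $flags
        }
    }
}

function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    foreach ($root in $KillBitRoots) {
        # Skip the Wow6432Node hive on 32-bit Windows, where it does not exist.
        if (-not (Test-Path (Split-Path $root))) { continue }
        $key = Join-Path $root $Clsid
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        $current = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue).'Compatibility Flags'
        # OR the kill bit in so any flags already present are preserved.
        $new = [int]$current -bor $KillBitFlag
        Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
    }
    Get-ActiveXKillBit -Clsid $Clsid
}

# PLACEHOLDER: the article does not give the control's CLSID; take it from the
# Bugtraq disclosure or the control's own registration before using this.
$HpInfoCenterClsid = '{PLACEHOLDER-CLSID-OF-HPINFODLL-CONTROL}'
Get-ActiveXKillBit -Clsid $HpInfoCenterClsid
# Set-ActiveXKillBit -Clsid $HpInfoCenterClsid   # run from an administrator shell
```

Setting the kill bit disables the control for every site, so the HP Info Center feature that depends on it stops working in IE until HP ships a fixed control and a new CLSID or the bit is cleared.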

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
Pre-installed software
by morlamweb December 12, 2007 12:26 PM PST
Yet another reason to clean all of the pre-installed crap off new PCs from system vendors.
Crapware
by robwill53 December 12, 2007 12:43 PM PST
Just one more example of a PC company trying to "add value" by adding software to a computer that actually detracts from performance in one or more ways, in this case security. PC companies should be required to offer customers the option of purchasing a PC that is crapware free for the same price.
I AM THE BLACK MAGE! I CASTS THE SPELLS THAT MAKES THE PEOPLES FALL DOWN!
by Wookiee-1138 December 12, 2007 6:59 PM PST
SWORDCHUCKS YO!
the only fix
by Dalkorian December 13, 2007 11:09 AM PST
The article mentions this little interesting tidbit:

"When viewing the Web site in Internet Explorer, the ActiveX control within the HP Info Center could be compromised. If the victim uses a browser other than Internet Explorer, the browser would still call Internet Explorer to handle the ActiveX component on the specially created Web site."

Notice two important points - 1. ActiveX is involved (surprise!) and 2. It doesn't matter what browser you use, IE will still be involved in compromising your machine.

There is only one true fix for this. Remove winblows, reformat the drive a few times to be sure it's really gone and install an OS that isn't a total joke (Linux comes quickly to mind - pick your flavor).