On Tuesday, a security researcher disclosed to Bugtraq, a public newsgroup, details of remote execution attacks on some models of Hewlett-Packard laptops. According to the researcher, who is using the name "porkythepig," flaws in HPInfoDLL.dll, one of the ActiveX controls used within the HP Info Center, could allow remote attackers to target the laptop and also execute registry changes on the compromised machine.
As of Wednesday, HP has not offered a response.
The scenario within the disclosure suggests that an attacker could lure a victim to a specially created Web site. When viewing the Web site in Internet Explorer, the ActiveX control within the HP Info Center could be compromised. If the victim uses a browser other than Internet Explorer, the browser would still call Internet Explorer to handle the ActiveX component on the specially created Web site.
Once a machine is compromised, an attacker could then install malware, change registry information in preparation for a more sophisticated attack, use the machine in a denial-of-service attack on itself or another target, or steal sensitive data from documents on the compromised machine.
A list of potentially vulnerable HP laptop models can be found in the full disclosure posted on BugTraq. To see whether your particular HP laptop is vulnerable, the researcher also provided a Web site (use this link at your own risk).
- prev
- 1
- next
