Dell, Toshiba and Lenovo Utilities Expose PCs To More Attacks

jones_supa writes: It turns out that OEM helper software is still often quite fragile and can expose systems wide open to attack. Currently Lenovo, Dell and Toshiba all have unpatched vulnerabilities in their various support utilities for Windows. These vulnerabilities were discovered by a security researcher who goes by the name Slipstream, and he has posted details onlinealong with proof-of-concept exploit code. The vulnerabilities allow arbitrary code execution, planting malicious files and modifying system registry values.

Re:Yup

Most companies that produce PCs view the software side of things as a value-add - it's a checkbox criteria "put some shit on the box so we can say we have more shit". Unfortunately they view the software precisely like this - it's just shit, and it gets hacked together on a shoestring budget with no testing whatsoever. For most of us it'd be better if they just didn't add it in the first place.

Re: Interesting, thank you I will try this out

[xiando]

A computer illiterate friend has a Windows-infected computer and would like to replace the HDD with a SSD and has been nagging me to do it (because I must know how since I've used GNU/Linux the past 15 years and have no idea how Windows works). If I can just download some ISO for the version already on the old hard-drive and type in the things on the sticker and it'll be a genuine copy then that's fantastic.

As for the parent poster who was talking about "pirating" Windows: Please go kill yourself or give me my money back. You can't buy a non-Windows-infected computer and most of us have paid for dozens for Windows licenses that we've never ever used. If I ever do "pirate" a Windows copy then you can subtract that one against the zillion I've already paid for.