Dell, Toshiba and Lenovo Utilities Expose PCs To More Attacks

jones_supa writes: It turns out that OEM helper software is still often quite fragile and can expose systems wide open to attack. Currently Lenovo, Dell and Toshiba all have unpatched vulnerabilities in their various support utilities for Windows. These vulnerabilities were discovered by a security researcher who goes by the name Slipstream, and he has posted details onlinealong with proof-of-concept exploit code. The vulnerabilities allow arbitrary code execution, planting malicious files and modifying system registry values.

Re:Yup

Most companies that produce PCs view the software side of things as a value-add - it's a checkbox criteria "put some shit on the box so we can say we have more shit". Unfortunately they view the software precisely like this - it's just shit, and it gets hacked together on a shoestring budget with no testing whatsoever. For most of us it'd be better if they just didn't add it in the first place.

Windose Again

Oh FFS:

"LSCTaskService is further associated with a file called LSCController.dll, which contains methods that can be called using HTTP GET and POST requests to its port. LSCTaskService can be made to run arbitrary code in the unprotected directory %APPDATA%\LSC\Local Store with system privileges, using a LSCController method called RunInstaller."

So javascript on a website can run arbitrary code with system privileges! FFS.

And Dell too? Having been caught installing a backdoor cert on its PCs, here it is again.

Re:Yup

[houstonbofh]

No but the PC Decrapifier will... https://www.pcdecrapifier.com/