Slashdot Mirror


Out-Of-the-Box Exploitation Possible On PCs From Top 5 OEMs (arstechnica.com)

According to a report published by two-factor authentication service Duo Security, third-party updating tools installed by Dell, HP, Lenovo, Acer, and Asus (the top five Windows PC OEMs) are exposing their devices to man-in-the-middle attacks. Dan Goodin reports for Ars Technica: The updaters frequently expose their programming interfaces, making them easy to reverse engineer. Even worse, the updaters frequently fail to use transport layer security encryption properly, if at all. As a result, PCs from all five makers are vulnerable to exploits that allow attackers to install malware. Duo Security adds: Hacking in practice means taking the path of least resistance, and OEM software is often a weak link in the chain. All of the sexy exploit mitigations, desktop firewalls, and safe browsing enhancements can't protect you when an OEM vendor cripples them with pre-installed software.

2 of 81 comments

  1. OEM Rescue Kit by Anonymous Coward · · Score: 5, Interesting
  2. Re: Hmm.... by Rosyna · · Score: 4, Interesting

    A clean install may not work. There is a hook in Windows 8 and later that allows OEM firmware to supply a list of software to install after a clean install.

    The feature was originally designed so Windows could automatically install necessary OEM-specific drivers without requiring a custom installer be used. Sadly, OEMs have used it to install vulnerable crapware.

    You just can't win against crapware.