Vendors sometimes had multiple software updaters for different purposes and different implementations some more secure than others.Vendors often failed to make even basic use of TLS, properly validate update integrity, or verify the authenticity of update manifest contents.Every vendor shipped with a preinstalled updater that had at least one vulnerability resulting in arbitrary remote code execution as SYSTEM, allowing for a complete compromise of the affected machine.The security company’s investigation also identified a number of concerning trends: In total, we identified and reported twelve unique vulnerabilities across all of the vendors. Some vendors made no attempts to harden their updaters, while others tried to, but were tripped up by a variety of implementation flaws and configuration issues. The security company discovered that at least one (or more) of these updater tools is included in the default configuration of every single new machine, and the majority are wide open to exploitation. Now, an investigation by security firm Duo Labs has proven beyond doubt that these pre-installed manufacturer-based programs do indeed represent a major security risk.ĭuo Labs concentrated its investigation on the most common tools included with OEM software… third party updaters.
For a long time we considered the practice more of an irritation and inconvenience than a security risk, then along came the likes of Superfish and eDellRoot. We get home, plug it in and boot it up, only to be confronted by a plethora of manufacturer installed software… what is commonly referred to as bloatware.Įvery manufacturer is guilty, there have even been specialist software applications designed specifically to rid new machines of this pestilence – e.g.
We’ve all been through the scenario we purchase a shiny new PC and experience that tinge of excitement and anticipation as we rush home to set it up.
0 kommentar(er)
