Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
Tech
News18 » Tech
2-min read

HP Patches Software Vulnerability that Potentially Put Millions of Users at Risk

Security research firm SafeBreach has discovered a privilege escalation flaw in Open Hardware Monitor library, used by HP TouchPoint Analytics bundled software.

Shouvik Das | News18.com@distantvicinity

Updated:October 10, 2019, 7:51 PM IST
facebookTwitterskypewhatsapp
Representative image. (Photo: Flickr)
Representative image. (Photo: Flickr)

A critical vulnerability was recently discovered by security research firm SafeBreach, which uses unmonitored privilege escalation in Open Hardware Monitor tool to infect Windows PCs that run software based on it. Among others, one of the most commonly found bundled software that uses the Open Hardware Monitor is HP TouchPoint Analytics — a tool that runs on millions of HP laptops and desktops worldwide, thereby putting the same number of users at risk. The flaw has since been reported to HP, and the company has subsequently issued a patch fixing the said vulnerability.

The reason why this flaw could have been potentially critical is because tools such as HP TouchPoint Analytics are loaded as signed services, and are therefore whitelisted by many anti-malware tools. In this case, the HP TouchPoint Analytics tool had high, root-level system access, and being a whitelisted tool, allowed attackers to escalate the system privilege to gain access to critical parts of the system. Potential use cases for hackers here include data theft, undetected tracking of users and critical surveillance activities, which are further compounded by attackers going undetected because of anti-malware and spyware tools failing to detect it as a breach.

"These types of vulnerabilities are alarming because they indicate the ease with which malicious hackers could mount supply-chain attacks targeting and breaching highly trusted elements of our software ecosystem. This should be a clear signal to security teams that they need to increase their frequency of testing and analysis of their security envelope, in order to match the pace of criminals who are constantly innovating ways to hack into the most vulnerable parts of IT systems," said Itzik Kotler, co-founder and chief technology officer of SafeBreach.

HP's laptops and desktop systems run across a wide range of locations, and alongside personal use, are also used in enterprises that deal with potentially sensitive data. This makes the discovery even more sensitive, since through this privilege escalation process, attackers could simply target IT administrator setups, enter specific terminals, install arbitrary and malicious DLL files into the system and gain access to the machines in question, thereby gaining access to high sensitivity data. The flaw has since been patched by HP, although SafeBreach mentions that any other company that uses the Open Hardware Monitor tool is still potentially at risk.

Given that the Open Hardware Monitor tool is an open source utility, many stock software that are whitelisted by anti-malware scanners use it extensively. This brings the total potentially affected count up to tens of millions, further underlining the importance of issuing regular software updates for both companies and IT administrators alike.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

| Edited by: ---
Read full article
Next Story
Next Story

Also Watch

facebookTwitterskypewhatsapp

Live TV

Countdown To Elections Results
To Assembly Elections 2018 Results