Warning: security gap in HP Support Assistant

Το HP Support Assistant είναι ένα χρήσιμο βοηθητικό πρόγραμμα που παρέχεται από την HP, για να μπορείτε να κατεβάζετε και να εγκαταστήσετε τα απαραίτητα firmware και software, να ελέγχετε την απόδοση, αλλά και να τρέχετε ορισμένες βασικές λύσεις αντιμετώπισης προβλημάτων, μεταξύ άλλων.hplaptop

However, the company warned that it had discovered a security hole in the app that could lead to privilege escalation using a method DLL hijacking.

HP has given the new security vulnerability a high severity rating with a CVSS v3.1 base score of 8,2.

The problem is in the Performance Tune-up diagnostic tool. In its security bulletin, HP he explains the problem:

Privilege Escalation in HP Support Assistant

HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. However, it is possible for an attacker to exploit the vulnerability with DLL hijacking and elevate privileges when Fusion launches HP Performance Tune-up.

HP also lists the vulnerable software versions to avoid:

  • HP Support Assistant versions earlier than 9.11
  • Fusion versions earlier than 1.38.2601.0

Thus, it is recommended that all HP PC users download and install HP Support Assistant version 9.11 from official website of the company.

iGuRu.gr The Best Technology Site in Greece
Follow us on Google News

HP Support Assistant, hp, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).