Out-of-the-box exploitation possible on PCs from top 5 OEMs

History

2016-06-01

#863 Out-of-the-box exploitation possible on PCs from top 5 OEMs

The next time you're in the market for a new Windows computer, consider this: if it comes from one of the top five manufacturers, it's vulnerable to man-in-the-middle attacks that allow hackers to install malware.

That's the take-away from a report published Tuesday by researchers from two-factor authentication service Duo Security. It found third-party updating tools installed by default threatened customers of Dell, HP, Lenovo, Acer, and Asus. The updaters frequently expose their programming interfaces, making them easy to reverse engineer. Even worse, the updaters frequently fail to use transport layer security encryption properly, if at all. As a result, PCs from all five makers are vulnerable to exploits that allow attackers to install malware.

All - 2016-06-01

#867 The impossible task of creating a “Best VPNs” list today

#866 Ransomware is working, and the cybercrooks know it

#865 Outlook and Hotmail flooded by spam

#864 Samsung: Don't install Windows 10. REALLY

#863 Out-of-the-box exploitation possible on PCs from top 5 OEMs

#862 Tor Browser 6.0: Ditches SHA-1 support, uses DuckDuckGo for default search results

#861 Crypto-ransomware attacks Windows 7 and later, scraps backward compatibility

#860 Millions of PCs ship with bloatware riddled with security flaws, say researchers

#859 Got $90,000? A Windows 0-Day could be yours

#857 SSL/TLS and PKI timeline

#856 Hackers find bugs, extort ransom and call it a public service