Users ofHewlett-Packardlaptops are being
warned that software bundled with their machines could open them up
to hackers.
The
US Computer Emergency Readiness Team (US-CERT) says there is a
security vulnerability in the HP Info Center Software, with a
public exploit already circulating in hacking circles.
"US-CERT is aware of public reports stating that the HP Info
Center Software, which allows one-touch access to features on HP
laptops, may contain a vulnerability," said US-CERT in an
advisory.
"This vulnerability may allow a remote, unauthenticated attacker
to execute arbitrary commands or to view or alter the system
registry on affected systems," it said.
To help mitigate the security risk, US-CERT recommends that
users and administrators disable ActiveX controls on machines and
check the security of their browsers.
US-CERT plans to provide additional information on the HP flaw
as it becomes available.