Users of Hewlett-Packard laptops are being warned that software bundled with their machines could open them up...
The US Computer Emergency Readiness Team (US-CERT) says there is a security vulnerability in the HP Info Center Software, with a public exploit already circulating in hacking circles.
"US-CERT is aware of public reports stating that the HP Info Center Software, which allows one-touch access to features on HP laptops, may contain a vulnerability," said US-CERT in an advisory.
"This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands or to view or alter the system registry on affected systems," it said.
To help mitigate the security risk, US-CERT recommends that users and administrators disable ActiveX controls on machines and check the security of their browsers.
US-CERT plans to provide additional information on the HP flaw as it becomes available.