
Three major security vulnerabilities are affecting products from Dell, Lenovo, and Toshiba, the security analysts from LizardHQ are reporting.

 

The three security flaws reside in:

  • Dell System Detect (DSD) versions 6.12.0.1 and earlier
  • Lenovo's Solution Center versions 3.1.004 and earlier
  • Toshiba Service Station versions 2.6.14 and earlier


The Dell issue

 

Dell System Detect is a Windows application pre-installed on all Dell PCs and tablets, provided to customers as a way to simplify the process of contacting Dell's support. This very same service was also where security researchers found the second Dell root certificate in the infamous eDellRoot scandal.

 

According to LizardHQ's slipstream/RoL, this app starts an HTTP daemon on ports 8883, 8884, 8885, and 8886, for an internal API. This API can be abused to allow attackers to bypass the Windows User Account Control limitations.

 

"Not even uninstallation of Dell System Detect will prevent exploitation of these issues; it runs from %APPDATA% so malware could easily drop it on your system to exploit this issue," says slipstream/RoL.

 

He recommends the uninstallation of Dell System Detect and then blacklisting the DellSystemDetect.exe from being executed.

 

The Lenovo issue

 

The Lenovo Solution Center is a pre-installed app on Lenovo laptops that enables users to check the health of their system and network connections (how ironic).

 

According to LizardHQ's slipstream/RoL, attackers can run malicious code and escalate their privileges to SYSTEM level using a bug in the Lenovo Solution Center.

This is only possible while the Lenovo Solution Center is open.

 

To stay safe, users are encouraged to uninstall the Lenovo Solution Center, a recommendation issued not only by the security researcher but also by CERT and Lenovo itself.

 

The Toshiba issue

 

Toshiba Service Station is an application that the company provides to allow users to search and install software for their specific brand of computer.

 

Issues inside this software allow attackers with lower privileges on the machine to read parts of the Windows registry as SYSTEM-level users.

 

As with the Lenovo issue, uninstalling the Toshiba Service Station removes any danger of exploitation.

 

The LizardHQ team has made proof-of-concept code available for all three cases.

 

 

 

Source:

http://news.softpedia.com/news/trifecta-of-security-bugs-affecting-dell-lenovo-and-toshiba-products-497226.shtml

Member of:

UNITE
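
A defender-side check for the Dell issue described in the post, as an added example that is not part of the original article or of LizardHQ's material: it lists listeners on the four ports named above and locates copies of DellSystemDetect.exe under user AppData folders. The function names, the output fields and the `Users` profile layout are assumptions.

```powershell
# Added example: audit a Windows host for the Dell System Detect exposure.
# From the article: ports 8883-8886, DellSystemDetect.exe, runs from %APPDATA%.
# Assumptions: function names, output fields, profiles under <SystemDrive>\Users.
$DsdPorts = 8883, 8884, 8885, 8886
$DsdExe   = 'DellSystemDetect.exe'

function Get-DsdListener {
    # Listeners on the four ports, with the owning process. Other software can
    # use these ports too (8883 is also MQTT over TLS), so the owner matters.
    Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
        Where-Object { $DsdPorts -contains $_.LocalPort } |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress = $_.LocalAddress
                LocalPort    = $_.LocalPort
                ProcessId    = $_.OwningProcess
                ProcessName  = $proc.ProcessName
                ProcessPath  = $proc.Path
            }
        }
}

function Find-DsdBinary {
    # Copies of the executable under any readable profile's AppData tree.
    # A copy can be present even after the product itself was uninstalled.
    Get-ChildItem -Path "$env:SystemDrive\Users\*\AppData" -Filter $DsdExe `
                  -Recurse -Force -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Path        = $_.FullName
                FileVersion = $_.VersionInfo.FileVersion
                LastWrite   = $_.LastWriteTime
                SHA256      = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
            }
        }
}

$listeners = @(Get-DsdListener)
$binaries  = @(Find-DsdBinary)

$listeners | Format-Table -AutoSize
$binaries  | Format-List

if ($listeners.Count -or $binaries.Count) {
    Write-Warning "Possible Dell System Detect exposure: review the entries above."
    exit 1
}
Write-Output "No listener on $($DsdPorts -join ', ') and no $DsdExe under user AppData."
```

Run it from an elevated prompt so other users' profiles are readable; any path returned by `Find-DsdBinary` is a candidate for the execution block the post recommends.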
