Security researchers at Binarly have warned of six vulnerabilities in HP computers, which are primarily used in the commercial sector. They say they reported the three hiatus to the producer more than a year ago. So far, not all models have been patched.
Firmware infected with malicious code
In one article, the researchers said:That these are UEFI firmware vulnerabilities in the System Management Module (SMM). All six vulnerabilities are classified as “high” and attackers can use them to push and execute malicious code on the system. How the attacks might proceed is not yet known. Attackers must be able to trigger memory errors in ways that are not described in detail in order to keep their code in memory.
The position of attackers in firmware is particularly dangerous because it allows them to anchor malicious code before Windows starts. This means that Windows security mechanisms are ineffective because the code is already running before the system starts. Attackers can also bypass Secure Boot in this way or use a backdoor to permanently install themselves on the PC.
Not all updates yet
In March 2022, HP closed a vulnerability (CVE-2022-23930) in all affected systems, for three more weaknesses (CVE-2022-31644, CVE-2022-31645, CVE-2022-31646) Security patches have been available since August, but not for all devices that are vulnerable. It also has patches for other vulnerabilities (CVE-2022-31640, CVE-2022-31641) is the case. For example, many ProBook, ProOne, Zcentral models are still vulnerable. It is not yet known when the patches will appear. The response to the request for Heise Security is still pending.
Freelance twitter maven. Infuriatingly humble coffee aficionado. Amateur gamer. Typical beer fan. Avid music scholar. Alcohol nerd.