Newly found Vulnerabilities04/26/08:

 

HP Software Update Vulnerabilities

 

We are aware of reports of multiple vulnerabilities affecting HP Software Update. These vulnerabilities are due to insecure methods in multiple ActiveX controls. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or view or modify sensitive information.
We encourage users to do the following to help mitigate the risks:

      Review the HP Support document and update to HP Software Update v4.000.010.008.

      Set the kill bit for the CLSIDs listed in the HP Support document.

      Disable ActiveX as described

 

Home

Comments