Privacy News Dell Precision Optimizer and Invincea Vulnerabilities

[Deleted member 178]

Talos are releasing advisories for vulnerabilities in the Dell Precision Optimizer application service software, Invincea-X and Invincea Dell Protected Workspace. These packages are pre-installed on certain Dell systems. Vulnerabilities present in these applications could allow attackers to disable security mechanisms, escalate privileges and execute arbitrary code within the context of the application user.

Invincea-X is the enterprise version of Sandboxie.

details of the attack:

TALOS-2016-0256 - Cisco Talos


Nothing is 100% safe those days...

 

[ispx]

reminds me of the superfish malware bundled with lenovo's bloatware laptops.

this coming from the dell brand surprises me, coming from lenovo i was not surprised at all.

 

[509322]

LOL @Umbra

 

[Deleted member 178]

reminds me of the superfish malware bundled with lenovo's bloatware laptops.

no you didn't understand, those system have a preinstalled sandbox software (invincea-X) which are bypassed via privileges escalation. they are not bundled with malware.

 

[ispx]

@Umbra,

copy that. thanks mod.