Security News Pre-Installed Software Flaws Expose Dell Systems to Code Execution

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
....a quote from the article:

Flaws in pre-installed software expose Dell systems to attacks that could result in the disabling of security mechanisms, privilege escalation, and arbitrary code execution within the context of the application user.
The vulnerable applications include the Dell Precision Optimizer application service software and Invincea-X and Invincea Dell Protected Workspace, Cisco Talos reveals in an advisory.
Click to expand...
 
  • Like
Reactions: SumG and frogboy
tryfon

tryfon

Level 2
Verified
May 13, 2017
76
It’s one thing to bundle a computer with junkware, but a complete other to bundle it with junkware that is a severe threat to anyone using the computer
 
  • Like
Reactions: LASER_oneXM
orthonovum

orthonovum

Level 3
Verified
Jun 17, 2017
106
Happens more often than people realize too :( I bought a Razer laptop and found an unquoted service path in the Qualcomm drivers and there are no updates (luckily this is easy to fix yourself without a driver update). At work I had a Logitech wireless keyboard and it also was using unquoted service paths... it is 2017 this type of thing should not happen anymore ffs.

Don't get me started on DLLs
 
  • Like
Reactions: LASER_oneXM
F

ForgottenSeer 58943

tryfon said:
It’s one thing to bundle a computer with junkware, but a complete other to bundle it with junkware that is a severe threat to anyone using the computer
Click to expand...

Unfortunately these third party installs are a huge risk. One of the first things I do when I get a new laptop is to flatten it and fresh-install. Even then updates can sometimes re-install it. Voodooshield was blocking some background Lenovo crap on my wifes computer which I discovered was 'surveying' my network and running hidden Netsh commands every 15 minutes.. Talk about BS..

This isn't the first time Dell has put people at risk with their junkware/bloat.
 
  • Like
Reactions: LASER_oneXM
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Like
ASUS routers vulnerable to critical remote code execution flaws (patched)
Replies
1
Views
1,418
News Archive
codswollip
codswollip
Trident
    • Like
    • Applause
    • +Reputation
  • Poll
Serious Discussion Pre-execution vs post-execution protections explained
Replies
6
Views
1,068
General Security Discussions
Trident
Trident
Gandalf_The_Grey
    • Like
Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
Replies
0
Views
657
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top