Windows Pc Makers Hang Customers Out To Dry With Flawed Updaters

Discussion in 'Current Events' started by jasetaro, Jun 3, 2016.

  1. jasetaro

    jasetaro Administrator
    Staff Member

    Joined:
    May 20, 2011
    Messages:
    177
    Likes Received:
    0
    I've always been a little suspicious of the software computer makers use to keep device drives and bundled software updated... I've seen them fail to deliver updates, or deliver out-of-date updates, etc.

    According Computerworld that's just beginning though:

    Prominent Windows PC makers, including Acer, Hewlett-Packard and Lenovo, have made "egregious" omissions in the software updaters they bundle with notebooks that leave customers at risk from attack by cyber-criminals, a security firm contended.

    "It's 2016," said Steve Manzuik, director of security research at Duo Security, in an interview. "[These updaters show] a lack of basic security measures that you should use."


    According to the report researchers found security flaws in all of the updaters they looked at. In short those flaws coupled with a lack of encryption and manifest signing make it easy for bad guys exploit those vulnerabilities.
     

Share This Page