« Their problem could be your problem | Main | Realplayer Patch Released »

Wednesday, June 04, 2008

Evil Hewlett-Packard support application

If you use an HP computer chances are it has a pre-installed customer support application that has been found to contain multiple security vulnerabilities. The software is designed to make it simple for users to automatically update HP drivers and software. However, flaws in ActiveX components within the HP Instant Support allow drive-by download attacks in cases where users unwittingly visit insecure websites.

HP Instant Support HPISDataManager.dll version 1.0.0.22 and earlier are affected. Users should upgrade to version 1.0.0.24.

To install the upgrade HP users should visit "http://www.hp.com/go/ispe" and choose “launch an online diagnostic session".

Posted by Matthew Carrick at 12:06.02 PM EDT | Permanent Link
| Categories: Adware/Spyware Alerts, Security Alerts, Virus-Trojan-Worm Alerts