It’s always a nice feeling to power up a new laptop or notebook for the first time.
The machine boots in no time, the desktop isn’t cluttered with 18 months’ worth of stuff, and everything just works. There’s also that really nice feeling knowing that the laptop is clean and virus free. Or at least it should be. It turns out that nothing could be further than the truth.
At least that’s according to a research team from Duo Security.
A new study released by the Duo Labs team has found a veritable plethora of security vulnerabilities in the software update tools that come preinstalled with some of the most popular brands of laptop makers.
Duo Labs have discovered that Laptops from Acer, Asus, Dell, HP, and Lenovo come preloaded with security issues fresh from the factory.
All of the above manufacturers were found to have security issues that would allow hackers to piggy back on the update processes and install malicious code the first time a new laptop connected to the internet.
Worse still, the skills and experience required to hack the new laptops was deemed to be minimal. Each of the OEM vendors listed were found to have at least one vulnerability that the Duo Labs team rated as being high risk.
Among the security failures discovered were the delivering of updates without using HTTPS, and also the non-signing and non-validation of update files. Neither of these flaws is good news for consumers.
Duo Labs also had some sharp words for the ‘bloatware,’ that the OEMs (Original Equipment Manufacturers) insisted on installing on their laptops. OEMs routinely install programs that come with free 30 day trials, and sometimes more than one product registration form.
Most of this ‘bloatware’ is, according to Duo Labs, a) unnecessary, and b) not installed at users requests, and c) often the weak link in the security chain.
Suggestions for OEMs
The Duo Labs report concludes with the recommendation that OEMs should make their OEM updaters harder to hack, and should consider reducing or controlling the extra as standard software they allow to be preinstalled on the laptops they produce.
For the rest of us….
It’s not great news, I’m afraid to say.
Short of wiping the OS and installing a clean version of Windows 10, or uninstalling and disabling the OEM updaters, there’s next to nothing us poor end users can actually do.
But thank the heavens for small mercies.
Before publishing the report, the guys at Duo Labs gave their findings to the companies in question, and some of them, like HP have taken steps to fix their security issues already, while others, like Lenovo, are said to be releasing a patch to address the vulnerabilities shortly. And credit where credit is due, Dell were reported to have fixed all their issues fairly promptly.
All the same, if you do own a laptop, it’s probably a good idea to get your hands on some independent 3rd party security software. If you want that security for free, you could do a lot worse than installing something from FileHippo.com, the link for which you can find here.
You can download the pdf of the Duo Labs report, here.
The post Laptops Come Preinstalled With Security Vulnerabilities appeared first on FileHippo News.
via FileHippo News http://ift.tt/1VzBOm5
MusicBee makes it easy to organize, find and play music files on your computer, on portable devices and on the web. MusicBee lets you play your music the way you want to hear it, and makes managing a large collection of files easy. Features: Support for all common formats, including MP3, WMA, AAC, M4A and many others. Extensive metadata suppor...
YouWave will allow you to run Android apps and app stores on your Windows PC. YouWave runs Android apps on your Windows PC by creating a virtual Android environment inside Windows. Although YouWave has been specifically designed as an emulated environment to run Android apps, sometimes the transition doesn't always come off that well. Key...
Evernote allows you to easily capture information in any environment using whatever device or platform you find most convenient, and makes this information accessible and searchable at any time, from anywhere. Stop forgetting things. Capture everything now so you will be able to find it all later. Tasks and to-dos Notes and research Web pages...
Wise Memory Optimizer is a smart little tool that can help you to free up the physical memory taken up by some apps to enhance your PC performance. Instead of constantly hitting Ctrl-Alt-Del to close unresponsive apps, you can simply use a one click solution such as Wise Memory Optimizer. The app has been designed to optimize your computer's...
CodeLobster PHP Edition is a free portable handy and easy-in-use code editor that is primarily intended for quick and easy creation and editing of PHP, HTML, CSS, JavaScript files. IT houses a large range of support for Drupal CMS, Joomla CMS, Smarty template engine, Twig, JQuery library, CodeIgniter framework, CakePHP framework, Laravel fram...
EarthView is a dynamic desktop wallpaper and screen saver application, which displays beautiful views of the earth with daylight and night shadows. It produces colorful, high quality, high resolution images for every screen resolution, even beyond 2560x1600. There are numerous options that allow total customization of all view parameters. It...
