Author Topic: Security Vulnerabilities Discovered in Pre-Installed Dell Software  (Read 76 times)

0 Members and 1 Guest are viewing this topic.

Offline Barbosa

  • Updates Moderator
  • *
  • Posts: 1524
Security Vulnerabilities Discovered in Pre-Installed Dell Software
« Reply #1 on: July 05, 2017, 11:16:12 AM »
Security Vulnerabilities Discovered in Pre-Installed Dell Software
5 July 2017, 9:56 am

Customers of Dell devices might be exposed to cyber-attacks, as the pre-installed software includes vulnerabilities that could allow hackers to disable security solutions and to escalate privileges.

Marcin ‘Icewall’ Noga of Cisco Talos has discovered 3 different vulnerabilities affecting select Dell systems, urging customers to install the latest updates as soon as possible to prevent attacks.

First and foremost, there’s a privilege escalation vulnerability documented in CVE-2016-9038 and which exists in the SboxDrv.sys driver. The researcher says the security flaw can be exploited by sending crafted data to the \Device\SandboxDriverApi device driver because it provides read and write rights to everyone. A successful attack could lead to local privilege escalation, the researcher notes, adding that Invincea-X and Dell Protected Workspace 6.1.3-24058 are both vulnerab... (read more)

Source: Softpedia News / Security

>> To obtain the full Softpedia Security News article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks