Acer 'preloads vulns' onto notebooks
Ripe for exploitation
10th January 2007 18:49 GMT
Acer has been called out for pre-loading a vulnerability on its notebooks.
A library file, called LunchApp.ocx, on the devices is set up to turn on the "safe for scripting" feature that means users are more vulnerable to ActiveX exploits. The "feature," designed to make it easier to browser Acer's site means systems can download potentially malicious Active X controls, without warning, if they happen to stray onto websites controlled by hackers.
This reduction in security defences was uncovered by security researchers at anti-virus firm F-Secure during testing of the LunchApp.ocx library, as explained here.
Acer is yet to respond to our requests for comment. ®
Register Hardware » News » PCs
Print
Retweet
Apple iMac All-In-One Desktop (3.06GHz Intel Core 2 Duo, 4GB DDR2, 1TB, DVD+-RW DL, Mac OS X v10.5 Snow Leopard, 27" LCD)
Velocity Micro Edge Z30 Midsize Desktop (2.66GHz Intel Core i5 750, 4GB DDR3, 500GB HDD, DVD±RW DL, Windows Vista Home Premium 64-bit)
HP (Hewlett-Packard) Compaq Presario CQ5210F Mini-Tower Desktop (2.7GHz Athlon 64 X2 215, 3GB DDR2, 500GB, DVD±RW DL, Windows 7 Home Premium)
HP (Hewlett-Packard) Pavilion p6240f Mini-Tower Desktop (2.5GHz Intel Core 2 Quad Q8300, 8GB DDR3, 750GB HDD, DVD±RW DL, Windows 7 Home Premium)
HP (Hewlett-Packard) TouchSmart IQ524 Desktop (2GHz Intel Core 2 Duo Mobile T6400, 4GB DDR2, 500GB, DVD±RW DL, Windows Vista Home Premium 64-bit, 22" LCD)
