HP has issued a warning of a vulnerability in its much-unloved Support Assistant tool.
The flaw in the service, which comes pre-installed on all HP laptops and desktops, was discovered by Secure D researchers, who flagged it as especially worrying: it carries a “high” severity score of 8.2.
The experts say that cyber-attackers could abuse a compromised HP Support Assistant installation to elevate their privileges on vulnerable systems, gaining access they are not authorized to have.
An advisory notice issued by HP says that the DLL hijacking flaw is triggered when users launch HP Performance Tune-up from within HP Support Assistant – an app that is designed to help computer users troubleshoot problems and perform diagnostic tests, and to check for BIOS and driver updates, among other features.
The DLL vulnerability, tracked as CVE-2022-38395, involves threat actors planting a malicious library where HP Support Assistant will load it; Windows’ DLL search order then picks up that library in preference to the legitimate DLL of the same name in the System32 directory.
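A defender-side check for the precondition described above, added here as an example and not code from HP, Secure D or BleepingComputer: it lists DLLs in an application directory whose names collide with System32 DLLs, and flags whether that directory is writable by the current user (the combination a search-order hijack depends on). The System32 name list and the `HPSA` file names are constructed sample data, not taken from the advisory.

```python
import os
from typing import Iterable, List

# Constructed sample of DLL names that normally live in System32 on Windows.
# On a real host, audit_directory() reads the actual System32 listing instead.
SYSTEM32_SAMPLE = {"version.dll", "cryptbase.dll", "dwmapi.dll", "kernel32.dll", "user32.dll"}


def find_shadowing_dlls(app_dir_files: Iterable[str], system32_files: Iterable[str]) -> List[str]:
    """Return (lower-cased, sorted) DLL names present in the application directory
    that share a name with a DLL in System32. Because Windows searches the
    application's own directory before System32, any such file is loaded
    in preference to the system copy and deserves review."""
    sys_names = {n.lower() for n in system32_files if n.lower().endswith(".dll")}
    app_names = {n.lower() for n in app_dir_files if n.lower().endswith(".dll")}
    return sorted(app_names & sys_names)


def assess_risk(shadowing: List[str], app_dir_writable: bool) -> str:
    """Classify the finding: shadowing DLLs in a directory standard users can
    write to is the dangerous case; shadowing in a locked-down directory still
    merits a look but cannot be planted by an unprivileged account."""
    if not shadowing:
        return "none"
    return "high" if app_dir_writable else "review"


def audit_directory(app_dir: str, system32_dir: str = r"C:\Windows\System32") -> dict:
    """Run the check against real directories (Windows host assumed)."""
    shadowing = find_shadowing_dlls(os.listdir(app_dir), os.listdir(system32_dir))
    writable = os.access(app_dir, os.W_OK)
    return {"shadowing": shadowing, "writable": writable,
            "risk": assess_risk(shadowing, writable)}


if __name__ == "__main__":
    # Constructed directory listing for illustration; "HPSA" names are made up.
    sample_listing = ["HPSA.exe", "Version.dll", "HpSupportLib.dll", "README.txt"]
    found = find_shadowing_dlls(sample_listing, SYSTEM32_SAMPLE)
    print("shadowing DLLs:", found, "risk:", assess_risk(found, app_dir_writable=True))
```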
In an effort to iron out the vulnerabilities that have been spotted, HP is urging its customers to update the Support Assistant app immediately. A security update for version 9.x has been launched on the Microsoft Store, however users on versions 8.x will not get a security patch. Instead, they too are being urged to update to the latest version of 9.x, which can be accessed through the ‘Check for updates’ button in the ‘About’ section.
BleepingComputer highlights that this isn’t the first time that HP’s Support Assistant app has suffered from vulnerabilities. In fact, we reported that ten flaws were found in October 2019, some of which were unpatched for more than a year after they were initially discovered.
While keeping software up-to-date is one way of staying on top of security patches, more software will inevitably lead to more potential vulnerabilities. With that in mind, removing unnecessary or unwanted software provides a solution that, at the same time, frees up disk space and processing power on your machine.
Via BleepingComputer