Thursday, 11 January 2007

Acer/Windows & Security

A Warning to Windows Users on Acer Laptops - Security Fix

The news comes from the Washington Post website. Brian Krebs, on "Security Fix", reports a threat resident on many Acer laptops running (what a coincidence) the Windows operating system. The problem reportedly concerns an ActiveX control (or rather "hacktiveX", as Krebs notes), which is serious because it would allow remote control of the PC while the user is browsing with any version of IE. Krebs recalls that Security Fix had already covered problems with ActiveX controls about a year ago. The post goes on to link to an interesting piece of research published in November:
About Acer Notebook LunchApp.APlunch ActiveX Control....
by Tan Chew Keong
Date Posted: 2006-11-19

I reproduce Brian Krebs's article in full.
"Anyone using a laptop made by computer maker Acer Inc. should be aware of a serious security threat apparently resident on many -- if not all -- models shipped with Microsoft's Windows OS over the past decade or so. According to research first published in November and picked up only recently by geek and security news sites, Acer computers ship with a Microsoft ActiveX control that gives bad guys the ability to control any aspect of the computer remotely if the user is browsing with any version of Internet Explorer but the latest (at least in IE7 the browser is supposed to ask you if you want to run the ActiveX control, whereas older versions of IE may simply let it run automagically). Online criminals would need to lure the Acer user to a malicious Web site to pull off the hijacking -- a common Internet fraud tactic.

ActiveX (or "hacktiveX" as it is sometimes derisively called by security researchers) is a Microsoft creation that is deeply woven into the Windows operating system and into Internet Explorer. ActiveX was designed to allow Web sites to develop interactive, multimedia-rich pages, but such powerful features rarely ever come without security trade-offs.


It's not clear what function this particular ActiveX has, other than to perhaps make it easier for Acer to troubleshoot issues should customers call with support problems. Acer users can check to see whether the control is present on their machine by clicking "Start," "Search," and then entering the filename, "lunchapp.ocx". It's probably safe to go ahead and remove it by clicking "Start," "Run," and type "regsvr32 -u lunchapp.ocx" (without the quote marks). Although it might not be a bad idea to set a restore point in Windows before you do (in Windows XP, you can get to the page to set a System Restore point by clicking "Start," "Programs," "Accessories," and then "System Tools.")

I put a query in to Acer about this on Monday and again today, but have yet to hear back from them. I'll be sure to update this post in the event that I receive a response. About a year ago Security Fix wrote about the danger of sloppily designed ActiveX controls. Cue the wavy lines on the screen and psychedelic music as we take you back to that post:

As it turns out, a poorly designed ActiveX control distributed by a Fortune 500 company that most consumers already trust can be just as dangerous as a malicious control foisted by a dodgy Web site. According to estimates by Richard M. Smith, a privacy and security consultant at Boston Software Forensics, more than half of all Windows PCs contain one or more ActiveX controls which allow for system takeover from malicious Web pages.

Smith found dangerous security problems in ActiveX controls distributed by dozens of other major companies, including PC manufacturers and even some of the nation's largest Internet service providers. In some cases, he said, these insecure controls come pre-installed on a Windows PC from the factory. Last year, computer maker HP and Internet service provider America Online fixed similar flaws in ActiveX controls that shipped with their software.

The most recent high-profile scare over an ActiveX control came as part of the recent controversy over a flawed piece of anti-piracy software installed by certain Sony BMG music CDs. After the label released a program to help customers remove the software, security experts found that the program left behind an ActiveX control that any Web site could use to plant any files -- even viruses or spyware -- on a visitor's computer if they browsed the site with IE."
iMac&I
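
The check described in the quoted article (search for the file, then unregister it), as an added PowerShell example that is not part of the original post or of Krebs's article. Only the file name and the `regsvr32 -u` command come from the article; the registry locations are the standard machine-wide COM registration keys, and the script only reports what it finds.

```powershell
# Added example: find lunchapp.ocx and any COM class registered against it.
$target = 'lunchapp.ocx'   # file name given in the article

# 1. Scripted version of "Start > Search": look on every local fixed drive.
$drives = Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=3' |
    ForEach-Object { $_.DeviceID + '\' }
$files = @(foreach ($d in $drives) {
    Get-ChildItem -Path $d -Filter $target -File -Recurse -Force -ErrorAction SilentlyContinue
})

# 2. Look for COM classes whose in-process server is that file. Both registry
#    views are read because a 32-bit control on 64-bit Windows registers
#    under WOW6432Node.
$roots = 'HKLM:\SOFTWARE\Classes\CLSID',
         'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
$registrations = @(foreach ($root in $roots) {
    if (-not (Test-Path $root)) { continue }
    foreach ($clsid in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
        $sub = $clsid.OpenSubKey('InprocServer32')
        if (-not $sub) { continue }
        $server = $sub.GetValue('')        # default value = path of the DLL/OCX
        $sub.Close()
        if ($server -and $server -like "*$target*") {
            [pscustomobject]@{ Clsid = $clsid.PSChildName; Server = $server; View = $root }
        }
    }
})

# 3. Report. Nothing is unregistered automatically, so a restore point can be
#    set first, as the article suggests.
if ($files.Count -eq 0 -and $registrations.Count -eq 0) {
    "No copy of $target and no COM registration pointing at it were found."
} else {
    foreach ($f in $files)         { "File found:  $($f.FullName)" }
    foreach ($r in $registrations) { "Registered:  $($r.Clsid) -> $($r.Server)" }
    foreach ($f in $files)         { "To remove:   regsvr32 -u `"$($f.FullName)`"" }
}
```

A registration that is listed without a matching file means the control was deleted from disk but never unregistered; run the script again after `regsvr32 -u` to confirm the class entry is gone.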

