Out-of-Box Exploitation: A Security Analysis of OEM Updaters

Started by Corrine, May 31, 2016, 07:51:56 PM

Corrine

Duo Security conducted a study of the out-of-box experience (OOBE) of OEM (Original Equipment Manufacturer) PCs. One of the major things they found was the presence of third-party update tools. Every OEM they looked at included one (or more) with their default configuration. Duo Security identified and reported twelve unique vulnerabilities across all of the vendors and identified a number of concerning trends.

Blog Post: Out-of-Box Exploitation: A Security Analysis of OEM Updaters

Report (PDF):  Out-of-Box Exploitation: A Security Analysis of OEM Updaters


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Corrine

Related:  Lenovo begs users to uninstall Accelerator app in the name of security

Quote:
Lenovo has urged users to uninstall bloatware bundled on Windows 10 devices by the company after critical security holes were discovered.

This week, the Chinese PC maker said in a security advisory a vulnerability within the company's Lenovo Accelerator Application software is a "high severity" problem which could give attackers the avenue to launch man-in-the-middle (MITM) attacks against users.

MITM attacks occur when a vulnerable machine has been infected with malware which contains surveillance capabilities or a vulnerable web browser is communicating with an insecure server.

List of impacted devices:  https://support.lenovo.com/gb/en/product_security/len_6718

