Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
HP Security Windows

Top Windows OEM Lenovo Urges Customers To Uninstall Accelerator Application (lenovo.com) 49

Two-Factor Authentication service Duo Security reported earlier that third-party updating tools found on Dell, HP, Lenovo, Acer, and Asus (the top five Windows OEMs) are vulnerable to man-in-the-middle attack. Hours later, Lenovo, the world's largest Windows OEM by shipment figure, has issued an advisory in which it urges users to uninstall Accelerator Application, which comes preinstalled on many of its laptops and desktops models. Fortune reports: Specifically, as Lenovo said in an advisory notice, the auto-update feature in its Accelerator Application software can be exploited by a "man-in-the-middle attack" -- someone could get in between the computer and the server pushing out the updated software, fooling the computer into installing a fake version of the update instead of the genuine article. Such attacks can allow anything from surreptitious malware installation to the insertion of surveillance capabilities, or even the hijacking of PCs.
This discussion has been archived. No new comments can be posted.

Top Windows OEM Lenovo Urges Customers To Uninstall Accelerator Application

Comments Filter:
  • by ErichTheRed ( 39327 ) on Thursday June 02, 2016 @12:27PM (#52234305)

    I wouldn't be surprised if more attacks don't start targeting the installed-by-default bloatware on most home and some business PCs. From what I've seen, these steaming piles are usually written by the cheapest offshore dev place the vendor could find, or are licensed reskinned third-party applications using a million out of date components. The good news is that there are fewer vendor-specific tools absolutely _required_ to run hardware on a Windows laptop anymore because Microsoft provides native controls for most components in Windows 10. The bad news is that the few that remain required are very tied to the hardware and probably have a lot of privilege use on the system that people don't know about. Just look at what happens on some HP laptops when you press the Volume or Brightness keys -- CPU spikes for a few seconds while Windows loads whatever .NET module HP wrote to talk to the device driver and tell it to do its thing. I doubt any of that interaction is heavily audited or even well tested before it goes out.

    All the more reason to just wipe the machine and install a clean OS build from scratch when you get it!

    • by bmo ( 77928 )

      I wouldn't be surprised if more attacks don't start targeting the installed-by-default bloatware on most home and some business PCs.

      https://duo.com/blog/out-of-bo... [duo.com]


      "The level of sophistication required to exploit most of the vulnerabilities we found is somewhere between that possessed by a coffee stain on the Duo lunch room floor and your average potted plant - meaning, trivial."

      --
      BMO

      • "The level of sophistication required to exploit most of the vulnerabilities we found is somewhere between that possessed by a coffee stain on the Duo lunch room floor and your average potted plant - meaning, trivial."

        That sounds like something Douglas Adams would have wrote.

  • This headline brought to you by the department of redundancy department.
  • by jddj ( 1085169 ) on Thursday June 02, 2016 @12:33PM (#52234371) Journal

    The app so nice, they had to name it twice?

    Or maybe it's an Application Application because of two-factor?

  • Lenovo Laptops (Score:5, Informative)

    by CrashNBrn ( 1143981 ) on Thursday June 02, 2016 @12:52PM (#52234535)
    NTLite [ntlite.com] + (Windows10 ISO [microsoft.com] | Insider Preview ISO [microsoft.com]) + slipstreamed Lenovo Drivers + create ISO.
    Rufus [rufus.akeo.ie] to USB Stick (GPT Partition Scheme, FAT32).
    Clean Install Windows 10. Change License key to: VK7JG-NPHTM-C97JM-9MPGT-3V66T
    Change License key to purchased Windows 10 Pro key. Register.

    Don't even bother trying to use the recommended Media Creation Tool [microsoft.com]. When you have a OEM Windows machine it appears to ALWAYS fail to actually create the media (usb stick).
    • Addenum:
      Windows 10 Pro licenses for $29.99. [google.com]. Granted, I was skeptical, but the licenses are valid, and they (Bonanza) have guaranteed refunds along with payment via Paypal or Amazon Pay.
      • G2A is another retailer specializing in reselling legitimate software licences. I've used them for Windows licenses and security software licenses, without any issues.

    • I manage over 200 computers both from Lenovo and Dell and have experienced this 0 times. What does it do when it fails? Is there data on the stick but not booting? Does the media creation tool give an error of some kind?
      • windows activation error code 0xc004f014 [google.com]:
        Error Code 0x80070456 - 0xA0019 - Windows 10 Media Creation Tool - USB - Microsoft Community [microsoft.com]

        On both my HP Laptop with Win 8 Home. And my Lenovo Laptop with Win 10 Home. The Media Creation Tool downloads the ISO to "somewhere". Then promptly fails to actually create the media (USB) with the aforementioned error.
        • Dammit, ignore the activation code google link. Thats from trying to upgrade from OEM Windows Home "N" to Pro, without first putting in the "VK7JG-NPHTM-C97JM-9MPGT-3V66T" key to initiate the upgrade to Pro. Since even though I used a Windows 10 PRO "disc" - due to their being a Lenovo Volume Licensing Windows HOME key burned in the BIOS, the installer puts Windows Home onto your SSD|HD. Then you need to upgrade to Pro. Reboot. Enter Valid Pro key. Register.
        • thank you for the info wow that sucks :( my systems are all 8.1 pro units with the keys stored in hardware so maybe that changes things.
    • <NOTE>: You will need to turn off "secure boot" in the UEFI (BIOS) to install a non-signed ISO.
    • Why VK7JG-NPHTM-C97JM-9MPGT-3V66T?

  • Just use the exploit in the application to uninstall the application. Users who would be effected by the exploit will have the application removed, users who would not be effected will not have it removed.
     
    Is it legal? No. But who among the people that still have this bloatware installed is going to notice?

"...a most excellent barbarian ... Genghis Kahn!" -- _Bill And Ted's Excellent Adventure_

Working...