Bloatware App’s Flaw gets Fixed for HP

HP releases Updates this month to fix Bloatware Issues

HP
HP has released updates this month to address the issue of Bloatware. Pixabay

HP has issued a security advisory for its Touchpoint Analytics, to fix Bloatware which was said to be containing a security flaw that could let malware gain admin rights and take over vulnerable systems, as noted by security researchers from SafeBreach Labs.

HP has released updates this month to address the issue.

HP desktop and laptop owners were advised to follow instruction details in the company’s security advisory and updated its Touchpoint Analytics client at their earliest convenience, ZDNet reported on Friday.

The researchers had found the security flaw in HP Touchpoint Analytics in July, according to the Tech republic.

hp
The HP Touchpoint Analytics app falls under the category of bloatware. Pixabay

Security researchers at SafeBreach said that they uncovered a new vulnerability which meant every version below 4.1.4.2827 was affected by what they found.

The HP Touchpoint Analytics app is falls under the category of bloatware which essentially a type of software that comes pre-installed on new devices.

The app’s purpose is to collect diagnostics data about hardware performance and send the information back to the firm.

HP
HP desktop and laptop owners were advised to follow instruction details in the company’s security advisory. Pixabay

The app usually whitelisted and runs with admin rights on HP systems, to be able to access various details from software drivers and other hardware components.

According to Peleg Hadar, a security researcher with SafeBreach Labs, there is a way to hijack the application’s normal mode of operation and load malicious DLL files to run rogue code with elevated privileges.

ALSO READ: Modi Regime in Favour of ‘Minimum Government’

Hadar found that what security experts call a local privilege escalation (LPE), a type of vulnerability that’s quite common in modern software, the ZDNet report added. (IANS)