Heads up HP users! Your HP PC may have been exposed to a cybersecurity threat. Researchers have found a serious flaw affecting the HP Touchpoint Analytics software. Upon exploit, the vulnerability could allow an attacker to execute arbitrary code on the device with elevated privileges.
HP Touchpoint Analytics Flaw
A serious vulnerability has risked the security of most HP PCs. Researchers from SafeBreach Labs have found a security flaw in HP Touchpoint Analytics that allows hacking devices. The vulnerability allowed an adversary to elevate user privileges on the target device and execute arbitrary codes.
Specifically, they found a local privilege escalation vulnerability in the Open Hardware Monitor, a component used by HP’s monitoring program Touchpoint Analytics. Since this program is pre-installed in most Windows devices and runs with NT AUTHORITY\SYSTEM permissions, a potential attacker could exploit the flaw to gain SYSTEM privileges.
Abusing this vulnerability could also allow an adversary to bypass app whitelisting and signature validation as well as evade security checks.
Patch Rolled Out – Update Now!
Upon discovering the flaw, the researchers reported the matter to HP, following which, the vendors released a fix. As stated in their advisory, the vulnerability CVE-2019-6333, affected HP Touchpoint Analytics software versions earlier than 126.96.36.19927. Users must ensure that their devices run this software version 188.8.131.5227 or more.
They have also given detailed procedures in their advisory for the users to check the software status on their devices.
Touchpoint Analytics is a pre-installed program on most Windows devices, including those running on Windows 10. According to HP, the program supposedly provides better support features by anonymously gathering device data.
While that sounds harmless, numerous users have complained about the program to result in high CPU usage. Some even suspected the software to be some ‘spyware’, to which, HP clarified its function. Nonetheless, many users also preferred to uninstall the program.