Whether it is a mobile phone or a computer, there are always a lot of software and services pre-installed at the factory. Some are very practical, some are wasteful of space, and sometimes they cause unnecessary trouble. Dell Computer recently recruited. According to Talos analysis of the Cisco security team, there are at least 3 different security holes in Dell preinstalled desktop and laptop software. Users must update the software and apply the latest patches as soon as possible.
The first and most critical vulnerability, numbered CVE-2016-9038, exists in the SboxDrv.sys driver file. Hackers can send specially crafted data to the \Device\SandboxDriverApi device driver to exploit this vulnerability because the driver is open to read and write access to all users and is used successfully to cause local privilege escalation.
CVE-2016-8732 is a protective failure vulnerability that exists in the InvProtectDrv.sys driver file for Dell Protected Workspace 5.1.1-22303 Enterprise Software. An attacker can use it to disable some software protection mechanisms and upgrade to 6.3.0. The version can be solved.
The last vulnerability, CVE-2017-2802, is similar in nature, affecting the PPO service of the Dell Precision Optimizer software. An attacker can use the modified atadidlxx.dll file to execute malicious code and need to upgrade to version 4.0 software to fix it.
Fortunately, at present, there are no cases where these vulnerabilities have been exploited by malicious users. However, Dell computer users can not take it lightly and quickly upgrade the pre-installed software.
Blank Shirts,Black Long Sleeve,Short Sleeve Hoodie,Woolen Sweater For Women
GUANGZHOU LIWEI ELECTRONICS CO.,LTD , https://www.gdliwei.com