Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Gaming PCs. Show all posts

Microsoft Announced the End of Support for Windows 7 & 8

Microsoft has published a warning over the imminent end of support for Windows 8.1, which would not receive any updates or patches after January 10th, 2023.

According to the research, over 100 million computers were still running Windows 7 as of 2021, giving their owners little time to update them before they face the security hazards associated with utilizing an antiquated browser and operating system.

Windows 8.1 is still the fourth most popular Microsoft operating system in the world, according to the Statcounter team, with 2.45% of all Windows users having it installed on their computers. Given the fact that it will affect millions of individuals and expose numerous PCs to attack, this end of support is quite concerning. 

PCs running Windows XP, 7, or 8 were more prevalent than those running Windows 11 according to a Lansweeper survey of 27 million Windows devices conducted in October.

For systems running Windows 10 2004 or 20H2, Windows 10 21H1 was a minor feature update that was designed to be simple to install. It contained improvements to Windows Defender Application Guard, Windows Management Instrumentation via Group Policy, and support for several Windows Hello-enabled cameras. 

Along with the release of a new Chrome version, Google also disclosed that it will discontinue support for Windows 7 and Windows 8.1 in early 2023. For users to continue receiving new Chrome updates, their device must be running Windows 10 or later.

It would be wise for anyone running an outdated version of Windows to inspect their computers and make some critical adjustments this week. Microsoft has issued the warning because Windows 8.1 will soon stop receiving security updates and patches after January 10, 2023.

Millions of HP OMEN Gaming PCs Impacted by Driver Vulnerability

 

On Tuesday, security experts revealed data about a high-severity weakness in the HP OMEN driver software, which affects millions of gaming laptops worldwide and leaves them vulnerable to various cyberattacks. 

The vulnerability is tracked as CVE-2021-3437 with a CVSS score: 7.8. Threat actors may escalate privileges to kernel mode without having administrator rights, enabling them to deactivate security products, overwrite system components, and even damage the operating system. 

The complete list of vulnerable devices includes HP ENVY, HP Pavilion, OMEN desktop gaming systems, and OMEN and HP Pavilion gaming laptops. 

SentinelOne, a cybersecurity firm that identified and communicated the flaw to HP on February 17, claimed it discovered no trace of in-the-wild exploitation. Customers have subsequently received a security update from the company to address the flaw. 

The problems are caused by OMEN Command Center, a pre-installed component on HP OMEN laptops and desktops and can also be downloaded from the Microsoft Store. The program is meant to assist smooth network activity, overclock the gaming PC for quicker computer performance, and monitor the GPU, CPU, and RAM through a vitals dashboard. 

Souce of flaw

According to research shared with The Hacker News by SentinelOne, "The problem is that HP OMEN Command Center includes a driver that, while ostensibly developed by HP, is actually a partial copy of another driver full of known vulnerabilities." 

"In the right circumstances, an attacker with access to an organization's network may also gain access to execute code on unpatched systems and use these vulnerabilities to gain local elevation of privileges. Attackers can then leverage other techniques to pivot to the broader network, like lateral movement." 

HpPortIox64.sys is the driver in issue, and it gets its functionality from OpenLibSys-developed-WinRing0.sys, which was the origin of a local privilege escalation flaw in EVGA Precision X1 software last year (CVE-2020-14979, CVSS score: 7.8). 

In August 2020, researchers from SpecterOps highlighted, "WinRing0 allows users to read and write to arbitrary physical memory, read and modify the model-specific registers (MSRs), and read/write to IO ports on the host. These features are intended by the driver's developers. However, because a low-privileged user can make these requests, they present an opportunity for local privilege escalation." 

This is the second time WinRing0.sys has been identified as a source of security vulnerabilities in HP products. 

In October 2019, SafeBreach Labs discovered a critical vulnerability in HP Touchpoint Analytics software (CVE-2019-6333), which is included with the driver, possibly enabling malicious actors to read arbitrary kernel memory and effectively allowlist malicious payloads via a signature validation bypass. 

The discovery is the third in a series of security flaws affecting software drivers that SentinelOne has discovered since the beginning of the year. 

Earlier this year, they found a 12-year-old privilege escalation problem in Microsoft Defender Antivirus (previously Windows Defender) that hackers could exploit to acquire admin access on unpatched Windows computers.

And last month, SentinelOne reported on a 16-year-old security flaw discovered in an HP, Xerox, and Samsung printer driver that allows attackers to obtain administrative access to computers running the vulnerable software.