Remember these GSD blog posts from a year ago or so?
- Lenovo Superfish – Cleanup in Seafood Isle Needed!
- Noodling down in the Bayou for Superfish-like SSL Shenanigans
- Same Bread; brought to you by Dell
- So that’s how it works: Windows Platform Binary Table (WPBT)
I guess you can’t keep a crappy “helpful app updater” down when it is an exploitable “feature” to help consumer’s out.
- Out-of-Box Exploitation: A Security Analysis of OEM Updaters - Duo Security
- OEM Updaters put PCs at risk - gHacks Tech News
- Lenovo begs users to uninstall Accelerator app in the name of security - ZDNet
- Lenovo Tells Users to Uninstall Vulnerable Updater - Kaspersky Labs Threat Post blog
- Bloatware Insecurity Continues to Haunt Consumer, Business Laptops - Kaspersky Labs Threat Post blog
- Out-of-the-box exploitation possible on PCs from top 5 OEMs - Ars Technica
- Hijacking the PC Update Process - Schneier on Security