Tuesday, January 09, 2007

Backdoor in Acer Laptops

About those Acer laptops that AMD and Microsoft sent to some of the most influential Microsoft bloggers . . .

Reported by Heise Security today:
"Many Acer laptops have a dangerous backdoor, which can be used by websites to gain complete control over the laptop. The problem lies with the LunchApp.APlunch Active X control, which is installed by default and which heise Security found on all the Acer laptops it tested . . ."
"The control, with class ID D9998BD0-7957-11D2-8FED-00606730D3AA, is marked as safe for scripting by the manufacturer, so that any website can call it and control it using JavaScript. Using the Run method, it would be possible to launch any program on the system at will, and even pass parameters to programs it is launching. It would, for example, be possible to download and install a keylogger. . ."
From the Heise Security report, this works on IE6 without intervention, while IE7 requires permission from the user to allow automatic launching of programs. With Windows XP Service Pack 2 the LunchApp.APlunch can be deactivated from "Tools > Internet Options > Programs > Manage Add-ons".

Update: F-Secure's Report on Acer's "Preloaded Vulnerability".

No comments: