HP Support Assistant has a DLL Hijacking Vulnerability
HP Support Assistant is a software program that is included on HP computers and notebooks. The program is also available as a standalone download; customers who use HP peripherals, such as printers or scanners, may install it to manage these devices on non-HP PCs.
HP published a HP Support Assistant security advisory on its website on September 6, 2022. According to the information, HP Support Assistant is vulnerable to DLL hijacking.
DLL hijacking is a common attack technique that exploits weaknesses in the DLL loading order on Windows, provided that programs do not specify library paths properly. Attackers may exploit the weakness by placing malicious DLL files in locations that are prioritized over the location of the legitimate DLL file.
Tip: DLL Hijack Detect is an open source tool to detect potential issues in Windows applications regarding DLL hijacking.
HP explains on the security advisory:
HP Support Assistant uses HP Performance Tune-up as a diagnostic tool. HP Support Assistant uses Fusion to launch HP Performance Tune-up. It is possible for an attacker to exploit the DLL hijacking vulnerability and elevate privileges when Fusion launches the HP Performance Tune-up.
The vulnerability has a severity rating of high, the second highest after critical.
HP published an update for its HP Support Assistant software that includes the fix. The company recommends that customers turn on automatic updates to install the latest version. Alternatively, customers may download the latest version of HP Support Assistant from the official website.
The link that HP published at the time of writing is not working; we replaced it with a working one above.
HP Support Assistant 9 for PC requires a PC with Windows 10 or 11. A legacy version is provided for customers who run older versions of Windows. It is unclear from HP's description if the legacy version has received an update as well.
HP lists all versions of HP Support Assistant earlier than 9.11 as affected, which suggests that an update has not been released for the legacy version.
Many PC manufacturers install custom proprietary software on their devices. Some users uninstall these products, as they tend to be very heavy and have limited uses, but the majority of PC users is keeping these installed on their devices.
Now You: do you keep software from the PC's manufacturer installed, or uninstall it?Advertisement