|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Daily Archives: September 30, 2020
-
If your organization uses HP Device Manager to control thin clients, you need to plug this hole now
News early this morning from Thomas Claburn at The Register
HP Device Manager, software that allows IT administrators to manage HP Thin Client devices, comes with a backdoor database user account… the account can be exploited to achieve privilege escalation and, in conjunction with other flaws, gain unauthorized remote command execution as SYSTEM.
This is bad: if you can reach a vulnerable installation of this device manager on a network, you can gain admin-level control over its machine and the thin clients it controls. HPDM typically runs on a Windows-powered server, and directs multiple Windows clients.
HP just updated its security bulletin HPSBHF03689.
There’s an updated HP Device Manager coming. In the interim, make sure you follow the HP remediation steps — and close up the hole manually following @nickstadb ‘s steps in The Reg.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Windows 11 Insider Preview Build 22635.5235 (23H2) released to BETA
by 9 minutes ago
-
A Funny Thing Happened on the Way to the Forum
by 11 hours, 6 minutes ago
-
Download speeds only 0.3Mbps after 24H2 upgrade on WiFi and Ethernet
by 5 hours, 50 minutes ago
-
T-Mobile 5G Wireless Internet
by 2 hours, 4 minutes ago
-
Clock missing above calendar in Windows 10
by 1 hour, 12 minutes ago
-
Formula to Calculate Q1, Q2, Q3, or Q4 of the Year?
by 14 hours, 55 minutes ago
-
The time has come for AI-generated art
by 23 hours, 38 minutes ago
-
Hackers are using two-factor authentication to infect you
by 4 hours, 39 minutes ago
-
23 and you
by 11 hours, 54 minutes ago
-
Aprilโs deluge of patches
by 16 hours, 5 minutes ago
-
Windows 11 Windows Updater question
by 21 hours, 51 minutes ago
-
Key, Key, my kingdom for a Key!
by 1 day, 20 hours ago
-
Registry Patches for Windows 10
by 2 days, 1 hour ago
-
Cannot get line length to NOT wrap in Outlining in Word 365
by 1 day, 7 hours ago
-
DDU (Display Driver Uninstaller) updates
by 17 hours, 9 minutes ago
-
Align objects on a OneNote page
by 2 days, 6 hours ago
-
OneNote Send To button?
by 2 days, 7 hours ago
-
WU help needed with “Some settings are managed by your organization”
by 2 days, 16 hours ago
-
No Newsletters since 27 January
by 20 hours, 35 minutes ago
-
Linux Mint Debian Edition 7 gets OEM support, death of Ubuntu-based Mint ?
by 1 day, 16 hours ago
-
Windows Update “Areca Technology Corporation – System – 6.20.0.41”
by 1 day, 15 hours ago
-
Google One Storage Questions
by 23 hours, 12 minutes ago
-
Button Missing for Automatic Apps Updates
by 1 day, 6 hours ago
-
Ancient SSD thinks it’s new
by 1 day, 21 hours ago
-
Washington State lab testing provider exposed health data of 1.6 million people
by 3 days, 6 hours ago
-
WinRE KB5057589 fake out
by 17 hours, 25 minutes ago
-
The April 2025 Windows RE update might show as unsuccessful in Windows Update
by 2 days, 14 hours ago
-
Firefox 137
by 6 hours, 28 minutes ago
-
Whisky, a popular Wine frontend for Mac gamers, is no more
by 3 days, 19 hours ago
-
Windows 11 Insider Preview build 26120.3863 (24H2) released to BETA
by 3 days, 19 hours ago
Remembering Woody
