Computers & Electronics

Millions of Dell, HP, and Lenovo PCs sitting ducks for firmware attacks

  • Last Updated:
  • Feb 25th, 2020 7:35 pm
[OP]
Deal Expert
User avatar
Apr 16, 2001
16262 posts
2945 upvotes

Millions of Dell, HP, and Lenovo PCs sitting ducks for firmware attacks

Your text to link here...

"Millions" of laptops and desktops made by Dell, HP, Lenovo and other companies are vulnerable to attack, thanks to unsecured firmware used by the webcams, trackpads, USB hubs, Wi-Fi cards and other peripheral devices from third-party suppliers that are built into the PCs.

Models proven to be vulnerable to these peripheral firmware flaws include:

-the Lenovo ThinkPad X1 Carbon (6th Gen) laptop which uses a vulnerable trackpad made by Synaptics that doesn't verify its own firmware updates
-the HP Spectre x360 Convertible 13-ap0xxx laptop line, whose webcam is made by SunplusIT, also doesn't verify its firmware updates and can be hacked by malicious USB drives
-and the Dell XPS 15 9560 laptop, whose Wi-Fi card, made by Rivet Networks and provisioned by Qualcomm, accepts unverified firmware updates even though Windows 10 goes through the trouble of verifying the updates before they're loaded.
Automatic down-votes: Eufy, D-Link, TP-Link, Newegg, Canada Computers, any Chinese-owned cellphone, laptop or IoT device.
1 reply
Deal Addict
Apr 29, 2018
2192 posts
1599 upvotes
Vancouver
Nearly all devices will accept unsigned firmware. Forget laptops, this is more about things like USB Keys, keyboards, mice, webcams, USB Hubs, certain Converters/Adaptors, Network Cards, Sound Cards, HDDs, SSDs, Displays, etc.

Nearly everything is essentially a computer, has firmware and most of it is unsecured, or has the most minimal of checks.

But then again, these are all Mossad level attacks and unlikely to affect most people.
Can't Stop. Won't Stop. Game Stop

Top