HPSBHF03439 rev.2 - HP Commercial PCs with Sure Start, Local Denial of Service

2016-02-25T00:00:00
ID HP:C05012469
Type hp
Reporter Hewlett­Packard Company, HP Software Security Response Team
Modified 2018-05-21T00:00:00

Description

Potential Security Impact

Denial of Service (DoS)

Source: Hewlett­Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY

HP has identified a potential security vulnerability with the Sure Start implementation on certain 2015 commercial platforms. This vulnerability could be exploited locally by administrator or root level privileges and if compromised, the Sure Start systems could fail to recover the BIOS.

RESOLUTION

HP has made the following product updates available for the impacted products. To obtain the updated firmware, go to the HP Software and Drivers page for your product and find the firmware update from the list of available software.

Series

|

Product name

|

BIOS Version

|

Win Softpaq

---|---|---|---

ZBook

|

HP ZBook 15 G3 & ZBook 17 G3

|

1.03

|

SP74756

ZBook

|

HP ZBook 15u G3

|

1.03

|

SP74756

ZBook

|

HP ZBook Studio G3

|

1.04

|

SP74757

1000 Series

|

HP EliteBook Folio 1040 G3

|

1.01

|

SP74768

1000 Series

|

HP EliteBook Folio 1012 x2 G2

|

1.1

|

SP74770

1000 Series

|

HP EliteBook 840 G3

|

1.04

|

SP74748

1000 Series

|

HP EliteBook 850 G3

|

1.04

|

SP74748

1000 Series

|

HP EliteBook 820 G3

|

1.04

|

SP74748

700 series

|

HP Elitebook 745 G3

|

1.08

|

SP74691

700 series

|

HP Elitebook 755 G3

|

1.08

|

SP74691

700 series

|

HP Elitebook 725 G3

|

1.08

|

SP74691

700 series

|

HP mt42 Mobile Thin Client

|

1.05

|

SP74761

800 series

|

HP EliteDesk 800 G2 TWR

|

2.09

|

SP74661

800 series

|

HP EliteDesk 800 G2 DM

|

2.1

|

SP74666

800 series

|

HP mp9 G2 Retail System

|

2.1

|

SP74666

800 series

|

HP EliteDesk 800 SFF

|

2.09

|

SP74661

800 series

|

HP EliteOne 800 G2 23-in T/NT

|

2.1

|

SP74680

700 series

|

HP EliteDesk 705 G2 MT/SFF

|

2.09

|

SP74655

700 series

|

HP EliteDesk 705 G2 DM

|

2.05

|

SP74677

700 series

|

HP EliteOne 705 G2 23in AiO T/NT

|

2.07

|

SP74686

Product name

|

BIOS Version

|

Win Softpaq

|

Linux Softpaq

---|---|---|---

HP Z240 Tower Workstation N51

|

01.11

|

SP74759

|

SP74760

HP Z240 SFF Workstation N51

|

01.11

|

SP74759

|

SP74760

HP Z238 Microtower Workstation N51

|

01.11

|

SP74759

|

SP74760