HPSBGN03438 rev.2 - HP Support Assistant, Local Authentication Bypass

Potential Security Impact

Authentication Bypass

Source: Hewlett­Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY

A potential security vulnerability has been identified in HP Support Assistant. This vulnerability could be exploited locally to allow authentication bypass.

RESOLUTION

HP has provided HP Support Assistant version 8.1.52.1 to resolve this vulnerability. HP Support Assistant version 8.1.52.1 is available in SoftPaq SP74103.

To update HP Support Assistant, choose ONE of the following methods:

• Method 1 - Download the latest version of HP Support Assistant.

  1. Go to the HP Support Assistant web page.

  2. Under Download HP Support Assistant, choose Notebooks, laptops, netbooks or Home and business desktops.

• Method 2 - Update via HP Support Assistant.

  1. Open HP Support Assistant.

  2. Click Check for updates and messages.

  3. In addition, you can optionally set up automatic updates in the Settings section (accessible by selecting the Settings button at the top-right corner of the HP Support Assistant window).