HPSBHF3550 rev. 2 - HP ThinPro Keyboard Layout Control Panel and Virtual Keyboard Application Vulnerability

Potential Security Impact

Local unauthorized access and unintentional elevation of privilege on a HP thin client device.

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with the keyboard layout control panel and virtual keyboard application on HP ThinPro operating system. The vulnerability could result in local unauthorized access and unintentional elevation of privilege on a HP thin client device.

RESOLUTION

HP has released the following software updates to resolve the vulnerability. Patches for the affected version of HP ThinPro can be found through the links below:

• [HP ThinPro 6.1](<http://ftp.hp.com/pub/tcdebian/updates/6.1/service_packs/hptc_keyboard_layout-3.3.4_1-ThinPro-6.1.xar >)

• [ HP ThinPro 6.0](<http://ftp.hp.com/pub/tcdebian/updates/6.0/service_packs/hptc_keyboard_layout-3.3.4_1-ThinPro-6.0.xar >)

• [HP ThinPro 5.2.1](<http://ftp.hp.com/pub/tcdebian/updates/5.2.1/service_packs/hptc_keyboard_layout-3.3.3_2-ThinPro-5.2.1.xar >)

• HP ThinPro 5.2

• HP ThinPro 5.1

• HP ThinPro 5.0

• HP ThinPro 4.4

• HP ThinPro 4.4 (ARM)