Skip to main content
  1. Home
  2. Computing
  3. News

Security researchers find several high-risk bloatware bugs on popular laptops

Jonathan Keane
By

HP Elite X3
Malarie Gokey/Digital Trends
Laptops made by five of the world’s biggest computer manufacturers are vulnerable to dangerous hacking thanks to flawed pre-installed software.

Security firm Duo Security has today published a new report from its Duo Labs division into pre-installed software, or bloatware, on laptops made by HP, Dell, Lenovo, Asus, and Acer. The security issues found with these original equipment manufacturers (OEMs) are mostly rooted in buggy updater software for pre-installed programs.

Recommended Videos

The full report found that none of the vendors took proper care in delivering software updates via a secure HTTPS line. This made it easier for would-be attackers to intercept traffic, gain access to users’ systems, and even take over computers. For example, in the report, Duo Labs stated that HP and Dell “often transmitted” files over HTTPS but Asus and Acer did not.

OEM-vendor-issues
Image used with permission by copyright holder

In the study, the researchers found a number of other security flaws specific to each OEM that could lead to arbitrary code execution, permitting the takeover of a computer.

Related

HP had two such vulnerabilities, which Duo Labs dubbed high risk, as well five medium-to-low-risk flaws. Asus and Lenovo had one high-risk bug each and Acer had two. Dell on the other was found to have one high-risk certificate flaw.

In the case of Asus, the researchers claimed that they were able to take over a computer manufactured by the company in less than 10 minutes.

According to the Duo Labs researchers, by allowing a range of pre-installed software onto their systems before they ship, OEMs struggle to double-check the security of each little piece of software.

Before publishing its research today, Duo Labs contacted or attempted to contact the five companies involved. The research was conducted between October 2015 and April of this year.

“Updaters are an obvious target for a network attacker, this is a no-brainer. There have been plenty of attacks published against updaters and package management tools in the past, so we can expect OEM’s to learn from this, right?” the researchers said.

HP and Lenovo responded well to their concerns, they said, by patching the flaws promptly and with the latter removing the software outright. Dell did its due diligence too, they added. Asus and Acer on the other hand have not sufficiently addressed the problems, according to the firm.

Finally, theresearchers warn users to be more skeptical of laptops after they purchase them. “Wipe any OEM system, and reinstall a clean and bloatware-free copy of Windows before the system is used,” they wrote in their conclusion.

Editors' Recommendations

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Get this Asus laptop with a year of Microsoft Office for $199
asus vivobook go laptop deal amazon march 2024 lifestyle

You don't need to spend several hundreds of dollars on a new laptop that you'll use as a productivity tool because there are budget-friendly options like the Asus Vivobook Go L510MA. It's actually currently even cheaper from Walmart after an $80 discount, which brings its price down to just $199 from $279 originally. There's no telling how much time is remaining before the offer expires though, so if you want to take advantage of it, you're going to have to proceed with the purchase as soon as possible.

Why you should buy the Asus Vivobook Go L510MA
For a laptop that will be able to handle basic activities like doing online research, building reports, and browsing social media, you can't go wrong with the Asus Vivobook Go L510MA. It's equipped with the Intel Pentium Silver N5030 processor and 4GB of RAM, which are a far cry from the specifications of the best laptops, but it will be enough for simple tasks. The device also comes with a 15.6-inch screen with Full HD resolution, which is pretty large and sharp for its price, but it's still portable as it only weights about 3.5 pounds with a thickness of just 0.72 of an inch.

Read more
These are the 10 best gaming PCs I’d recommend to anyone
Graphics card in the CLX Hathor PC.

We review dozens of gaming PCs each year. In 2024, there are a ton of great options, but we've narrowed them down to a list of the 10 best gaming desktops that deserve your hard-earned money.

In 2024, we still recommend the Alienware Aurora R16 because of its fantastic design, solid performance, and decent value. However, there are several other options depending on your needs and budget. If you want a deeper look into how we evaluate gaming PCs, make sure to read about how we review desktops.

Read more
Samsung’s crazy 57-inch curved 4K monitor is $700 off today
The Samsung Odyssey Neo G9 57-inch mini-LED gaming monitor placed on a desk.

Your investment in gaming PC deals will  go to waste if you don't upgrade your screen, and if you're willing to splurge for the best possible gaming experience, you'll want to go for the 57-inch Samsung Odyssey Neo G9 curved gaming monitor. It's pretty expensive at its original price of $2,500, so you're going to want to take advantage of any discounts that are available. Fortunately, Samsung has slashed its price by $700 so it's down to $1,800 -- it's still not cheap, but once you're playing your favorite games on this monitor, you'll quickly understand why it's worth every single penny.

Why you should buy the 57-inch Samsung Odyssey Neo G9 curved gaming monitor
The Samsung Odyssey Neo G9 curved gaming monitor features a 57-inch screen with dual 4K Ultra HD resolution and a 1000R curvature, so it will fully immerse you in the worlds of the video games that you play with its lifelike details and vivid colors. It also supports HDR 1000 for better visual accuracy, and it uses Quantum Matrix technology for controlled brightness and improved contrast.

Read more