Skip to main content
  1. Home
  2. Computing
  3. News

Security researchers find several high-risk bloatware bugs on popular laptops

By

HP Elite X3
Malarie Gokey/Digital Trends
Laptops made by five of the world’s biggest computer manufacturers are vulnerable to dangerous hacking thanks to flawed pre-installed software.

Security firm Duo Security has today published a new report from its Duo Labs division into pre-installed software, or bloatware, on laptops made by HP, Dell, Lenovo, Asus, and Acer. The security issues found with these original equipment manufacturers (OEMs) are mostly rooted in buggy updater software for pre-installed programs.

Recommended Videos

The full report found that none of the vendors took proper care in delivering software updates via a secure HTTPS line. This made it easier for would-be attackers to intercept traffic, gain access to users’ systems, and even take over computers. For example, in the report, Duo Labs stated that HP and Dell “often transmitted” files over HTTPS but Asus and Acer did not.

OEM-vendor-issues
Image used with permission by copyright holder

In the study, the researchers found a number of other security flaws specific to each OEM that could lead to arbitrary code execution, permitting the takeover of a computer.

Related

HP had two such vulnerabilities, which Duo Labs dubbed high risk, as well five medium-to-low-risk flaws. Asus and Lenovo had one high-risk bug each and Acer had two. Dell on the other was found to have one high-risk certificate flaw.

In the case of Asus, the researchers claimed that they were able to take over a computer manufactured by the company in less than 10 minutes.

According to the Duo Labs researchers, by allowing a range of pre-installed software onto their systems before they ship, OEMs struggle to double-check the security of each little piece of software.

Before publishing its research today, Duo Labs contacted or attempted to contact the five companies involved. The research was conducted between October 2015 and April of this year.

“Updaters are an obvious target for a network attacker, this is a no-brainer. There have been plenty of attacks published against updaters and package management tools in the past, so we can expect OEM’s to learn from this, right?” the researchers said.

HP and Lenovo responded well to their concerns, they said, by patching the flaws promptly and with the latter removing the software outright. Dell did its due diligence too, they added. Asus and Acer on the other hand have not sufficiently addressed the problems, according to the firm.

Finally, theresearchers warn users to be more skeptical of laptops after they purchase them. “Wipe any OEM system, and reinstall a clean and bloatware-free copy of Windows before the system is used,” they wrote in their conclusion.

Editors' Recommendations

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
The new iPad Pro would be perfect, if only it were a Mac
A person gaming on the M4 iPad Pro and playing Diablo Immortal.

It’s no secret that I’ve been cheering on Apple’s gaming advances over the last year or so. Long-suffering Mac gamers have gone from being the forgotten also-rans of Apple’s ecosystem to feeling on top of the world, all in a very short period of time. But there’s one vital piece missing from the puzzle, and Apple’s new M4 iPad Pros have made it incredibly obvious.

I’ll admit, Mac gamers have been treated well in recent times. Not only have we had phenomenal hardware advancements in the form of the M3 Max chip -- which is a genuine gaming chip so cool and quiet that you’d be fooled into thinking it’s not -- but there’s also been a slate of top-tier games arriving on Apple’s platform, including my beloved Baldur’s Gate 3. It’s a good time to be a Mac gamer.

Read more
The incredible 49-inch Samsung Odyssey G9 gaming monitor is $500 off
Front view of Samsung's new QLED Odyssey gaming monitor sitting on desk.

A powerful gaming PC should be paired with an excellent display, so if you're willing to go all out on monitor deals, you should set your sights on the 49-inch Samsung Odyssey G9 curved gaming monitor. From its original price of $1,300, it's down to a more reasonable $800 following a $500 discount from Samsung. It's still not what you'd call cheap, but it's the screen that you want for an unparalleled PC gaming experience. However, it's highly recommended that you complete the purchase now because tomorrow may already be too late if you want the savings.

Why you should buy the 49-inch Samsung Odyssey G9 curved gaming monitor
The Samsung Odyssey G9 curved gaming monitor is one of the best gaming monitors that you can buy right now, with a 49-inch screen that features dual QHD resolution and a 1000R curvature for a completely immersive gaming experience. The monitor also offers a 240Hz refresh rate that keeps on-screen movements extra smooth, a 1ms response time that minimizes blur for precise gaming, and support for AMD's FreeSync Premium Pro that eliminates screen tearing and stuttering.

Read more
This 13-inch MacBook Air deal cuts the price by $150
The screen of the MacBook Air M2.

For those who are on the hunt for MacBook deals, you may want to check out Best Buy's bargain for the 13.6-inch Apple MacBook Air M2. The model with 256GB of storage and 8GB of RAM is down to $849, following a $150 discount on its original price of $999. We don't think this offer will last long though, so if you want to take advantage of it, there should be no hesitation on your end -- add it to your cart and proceed with the checkout process as soon as you can.

Why you should buy the 13.6-inch Apple MacBook Air M2
The 13.6-inch Apple MacBook Air M2 isn't the latest model of the laptop, but it's still featured in our list of the best MacBooks as the MacBook for everyone. That's because with its reduced price -- which is even lower with Best Buy's discount -- the machine is a relatively budget-friendly option for those who are planning to switch to a MacBook or to upgrade from an older model to enjoy Apple's own silicon. The Apple M2 processor, combined with an eight-core CPU, eight-core GPU, and 8GB of RAM, provides incredible performance that will be able to handle even the most demanding tasks for work or school.

Read more