HP finally fixes bug affecting hundreds of laptops and PC models

News
By
published

HP EliteBook, EliteDesk and Dragonfly models among those affected

Hands typing on a keyboard surrounded by security icons
(Image credit: Shutterstock)

HP has released a series of updates aimed at addressing a number of potentially serious security flaws affecting a large number of its computing devices.

First detected in November 2021, the malware issues affect some of HP's most popular brands, including EliteBook notebooks, EliteDesk desktops and its Z1 and Z2 workstations.

The flaws, tracked as CVE-2021-3808 and CVE-2021-3809 and given a high severity rating, could have allowed hackers to gain access to victim devices and run code with Kernel privileges, potentially allowing them to execute any command at a Kernel level.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

HP security worries

In a security advisory published on its website, HP noted that "potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities".

The company didn't go into any specific technical details regarding the issues, but is urging customers to download and update immediately. 

However, Nicholas Starke, the researcher who first discovered the flaws, outlined the potential effects that the issues may have had in a bit more detail.

Read more

> REvil ransomware is officially back, experts claim

> Mischievous hackers could use a simple trick to send printers berserk

> Criminals are using SEO to boost downloads of malicious PDFs

“This vulnerability could allow an attacker executing with kernel-level privileges (CPL == 0) to escalate privileges to System Management Mode (SMM). Executing in SMM gives an attacker full privileges over the host to further carry out attacks,” Starke noted in a blog post.

He outlined how a vulnerable SMI handler can be triggered through the Windows kernel driver, with attackers able to trigger remote code execution after finding the memory address of the "LocateProtocol" function and overwriting it with malicious code.

They could then install malware that would be unremovable, even using antivirus platforms or an OS reinstall. 

Some HP models are able to resist such attacks, Starke added, with the company's HP Sure Start software able to detect such interference, shutting down the host and urging users to approve a system boot.

The news comes shortly after HP issued patches for four dangerous vulnerabilities affecting hundreds of its printers that could lead to remote code execution, data theft, or denial of service.

Via BleepingComputer

TOPICS
Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Read more
The best free firewall
Sophos hotfixes remote code execution vulnerabilities in Firewall
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
MediaTek
MediaTek reveals host of security vulnerabilities, so patch now
Digital image of a lock.
Xerox printer security risk could let hackers sneak into your systems
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
New UEFI Secure Boot flaw exposes systems to bootkits
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
AMD VM security tools can be bypassed, letting hackers infilitrate your devices, experts warn
Latest in Pro
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
Customer service 3D manager concept. AI assistance headphone call center
The era of Agentic AI
International Space Station
Is the moon too far for your data? IBM's Red Hat is teaming up with Axiom Space to send a data center into space
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Cryptocurrencies
Ransomware’s favorite Russian crypto exchange seized by law enforcement
A hand reaching out to touch a futuristic rendering of an AI processor.
Balancing innovation and security in an era of intensifying global competition
Latest in News
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
New Samsung Galaxy S25 Edge may have revealed some key details – including its price
More about pro
International Space Station

Is the moon too far for your data? IBM's Red Hat is teaming up with Axiom Space to send a data center into space
Samsung NAND

Well, that's unexpected: Samsung will team up with its fiercest Chinese rival to produce next gen NAND flash
70mai 360 Omni 4K Dash Cam

I've reviewed dozens of dash cams, and 70mai's new rotating 4K dash cam is unlike any other
See more latest
Most Popular
International Space Station
Is the moon too far for your data? IBM's Red Hat is teaming up with Axiom Space to send a data center into space
Samsung NAND
Well, that's unexpected: Samsung will team up with its fiercest Chinese rival to produce next gen NAND flash
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Molecular hard drive
Chinese researchers are looking to create a revolutionary type of hard drive based on organic materials but huge unknowns remain
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 10 (game #1141)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 10 (game #372)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 10 (game #638)
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max