"Millions" of gaming devices, including a wide variety of HP Omen gaming laptops (opens in new tab) and desktops, as well as HP Pavilion (opens in new tab) and HP Envy (opens in new tab) models, need to be updated immediately, HP (opens in new tab) said.
Researchers from SentinelLabs published details of the vulnerability, tracked as CVE-2021-3437, which can be exploited by threat actors to escalate privileges and disable security solutions, and conduct all kinds of malicious activities.
“This high severity vulnerability affects millions of PCs and users worldwide. While we haven’t seen any indicators that these vulnerabilities have been exploited in the wild up till now, using any Omen (opens in new tab)-branded PC with the vulnerable driver utilized by Omen Gaming Hub makes the user potentially vulnerable,” note (opens in new tab) the researchers.
- Here's our choice of the best malware removal (opens in new tab) software on the market
- Also take a look at the best firewall apps and services (opens in new tab)
- These are the best endpoint protection tools (opens in new tab)
The vulnerability was responsibly disclosed to HP in February, 2021, but SentinelLabs hasn’t found any instances of it being exploited in the wild.
Returning flaw
Parsing through the technical analysis, BleepingComputer reports that the vulnerability existed in the HP Omen Command Center, which helps gamers tweak the settings of their gaming machines.
The software can also be grabbed from the Microsoft Store for any Windows 10 (opens in new tab) PC that uses accessories sold under HP's Omen brand, which further increases the number of potentially exploitable computers.
As per the researchers, the source of the bug is a driver that partially relies on the open source (opens in new tab) WinRing0.sys driver to help manage various low-level actions.
“The link between the two drivers can readily be seen as on some signed HP versions the metadata information shows the original filename and product name. Unfortunately, issues with the WinRing0.sys driver are well-known,” share the researchers.
HP first released patches for the vulnerability through the Microsoft Store on July 27, before publishing a security advisory (opens in new tab) to coincide with SentinelOne’s analysis.
Although the researchers haven’t spotted any exploits based on the vulnerability, they urge all impacted users to “ensure they take appropriate mitigating measures without delay.”
- Protect your devices with these best antivirus software (opens in new tab)
Via BleepingComputer (opens in new tab)