Need help? Chat now!
Search results for:
Kaspersky Lab researchers have recently released a report announcing that a "_legitimate anti-theft software_" can leave personal computer systems "_vulnerable to remote hijack_, "according to an article published by S.C. Magazine. Furthermore, the article states that this vulnerability impacts "_millions of users with the activated installation_" of this software on their computers.
According to the article, Kaspersky's findings outlined the product "Absolute Computrace_" which was developed by the Texas-based company Absolute Software. The report confirms that their product page claims that the software "_allows organizations to persistently track and secure all of their endpoints within a single cloud-based console_" which is concerning to Kaspersky researchers. The research that Kaspersky experts have conducted "_haven't seen any evidence of Computrace's weaknesses being used to carry out attacks\, "but they have determined that "_an_ attack on a local area network via address resolution protocol (ARP) poisoning was possible."
The researcher's report indicates that because this "tracking_" software is "_pre-installed in the firmware of laptops and desktops_" and complex for users "_to remove or disable\, "the flaws in its_ security are an obvious issue. The article quoted the report by stating, "_The protocol used by the [Computrace] Small Agent provides the basic feature of remote code execution. However, the protocol doesn't use any encryption or authorization with the remote server, which creates numerous opportunities for remote attacks in a hostile network environment."
Read more about how this software may be activated on approximately "_2 million computers around the globe, with the majority of computers located in the U.S. and Russia_" in the full article here at S.C. Magazine.
Written by Bryon Turcotte / February 13, 2014