ASUS have addressed the issue reported yesterday, if you hadn't seen the updated post, today it is Huawei that is the problem. As part of the latest update to Windows 10, Microsoft deployed new tools which can detect software accessing the kernel in less than auspicious ways and they immediately spotted an issue with Huawei's PC Manager app, which updates drivers on their products. All an attacker need do is create malicious instance of the MateBookService.exe and even without running it with full admin privileges they could still gain control of the machine.
The good news, as The Inquirer points out, is that this was patched back in January so unless you haven't updated in a while you are safe.
"Security boffins from Microsoft discovered a pretty nasty local privileged execution vulnerability in the Huawei PCManager driver software, found in machines like the MateBook X Pro, after new kernel sensors were brought into Windows 10 through the much-maligned October 2018 Update."
Here is some more Tech News from around the web:
- Huawei driver flaw left Windows 10 systems open to kernel-level hacks @ The Inquirer
- Google to build new R&D center in Taiwan @ DigiTimes
- With the right training, algorithms can predict Li-ion battery lifetime – with 95% accuracy @ The Register
- BitTorrent Live Returns as a Snapchat-like Social Media App @ Slashdot
- Google is using AMP to make emails a bit less rubbish @ The Inquirer
- Apple Still Hasn't Fixed Its MacBook Keyboard Problem @ Slashdot
- Guru3D Rig of the Month – March 2019
- ApexGaming Elite ZT Motorized Desk Riser Review @ NikKTech
These OEM based automatic
These OEM based automatic updaters, that’s not working out so well for security. It’s best to maybe allow folks to uninstall all that OEM Crap and update manually. I can see software that checks for updates but that software should not be able to be run in the background or with any Kernel Access. It’s best to go with some user initated Firmware/Software system and stop all this automatic actions in the background updating.
What happend to the old methods where the Task Bar Icons were animated when some software was updating or scanning.
So those “Security boffins from Microsoft” are really needed for fixing Intel’s own security issues and maybe M$ needs to hire back more QA/QC folks also.
M$ needed more tools for it’s OSs for a good long time that had more to do with the underlying OS, like the OS reporting on Discrete/Integrated GPU activity in addition to the CPU’s goings on. I’d like to see the OS able to map out the entire PC/Laptop’s bus topology including PCIe lanes to what controllers and root hubs/etc. Make that available for folks to suss out a Laptop’s resources more thoroughly like Numbers of PCIe lanes attatched to Thunderbolt controllers and USB controllers/etc.
The old TRS-80’s came with a set of full system schematics and a listing of all the on mainboard chips/other chip on I/O and desplay/other devices, and don’t tell me that there are none available on Laptops as the engineering Folks had that made in advance of production. So just include a PDF, or some Windows Software than can do that mapping on any PC/Laptop out there. All of a PC/Laptop’s, other device’s, bus topology is enumerated in software/firmware tables so it’s not hard for some software that’s able to produce a rough schematic from that enumeration data.
This is why my quad core Sandy Bridge Samsung Series 3 laptop is not as responcive at my Sandy Bridge Dual core i5 based ASUS laptop. Talk about slow that Samsung System Software is terrible with the laptop having to load software from disk just to turn on/off the Wifi/Bluetooth while the ASUS laptop has all its function key functionality in memory and at high priority.
Laptop designs are a crap shoot, from bith the hadrware and software perspective, for sure and M$ has not been really concentrating on the OS’s core functionality to assist users’ usability or security. Really it’s about Time that Laptop OEMs where forced to standardize their offerings more in the MB Topology/Designs in the name of security and usability.
Maybe the Samsung will run more responsive under Linux after Windows 7 goes EOL, but who knows. Maybe I can get a OEM copy of Windows 8.1 and live until 2023.