HP laptops come with some software to keep them updated and to help HP provide support. Lately there have been a couple of vulnerabilities discovered in these tools.
A support feature on HP computers is something called HP Virtual Rooms, an online collaboration suite. There’s a flaw in the ActiveX control that it uses and it’s possible to create a web page that lets someone install programs on your computer.
The file at risk is called HPVirtualRooms14.dll. If you have an HP computer you can check the properties of this file (do a search for the file), if it’s version 1.0.0.100 then it’s at risk.
The best defence is to have a good anti virus package, and to update this tool when HP get around to releasing an update.
The second HP vulnerability is with HP’s Software Update utility. This utility keeps the computer patched, which is always a good thing to do. Except that it also has a vulnerability and the computer can be compromised by visiting a web page with malicious code.
The program affected is called HP Software Update Client, version 3.0.8.4.
Again, use a good anti virus program and update the update tool when HP releases a fix.