Attention folks! – Do you own an HP tech item such as a PC or laptop? If the answer is yes, or you know someone who does, then you might want to pay attention as following an official post on their website, HP has confirmed the release of a new BIOS update that looks to correct a huge security flaw recently discovered within over 200 of their PC and (predominantly we suspect) laptop products!
The security flaw was originally identified on HP products around 6-8 months ago by Nicholas Starke (an independent security researcher). – Although details on how the flaw can be executed have clearly not been posted online, the overall issue resided in a backdoor that allowed the BIOS to be accessed, and from this, malware could be installed/executed. A method which would completely prevent it from being detected by anti-virus products. – And yes, I strongly suspect that this is probably something to do with the HP software (bloatware) they pre-package with systems.
Itemised as ‘CVE-2021-3808’ and ‘CVE-2021-3809’, however, these have been classified with a score of 8.8 on the Common Vulnerability Scoring System Version 3.1 (CVSS 3.1) scale. This means that, in the grand scheme of things, this is about as close to being as serious and dangerous a security flaw as it can get!
The advice in this regard is pretty clear. – If you own any description of HP laptop or PC system, you are strongly advised (borderline compelled in fact) to visit the official HP website and, if applicable to your system, install the new BIOS updates as soon as possible. – And given that this is a known issue on over 200 products, don’t be fooled into thinking that this probably doesn’t apply to you. In something which we’ll admit is against the usual run of things, any relatively recent HP tech owner (within the last 8 years) is more likely to be affected by this security flaw than not!
Admittedly, no, the chances that someone would ever access your system and execute this flaw is pretty slim. – At the same time though, if you use your HP device for highly important work, such as online banking, etc, is this a risk you’d really want to take? – Take the 20 minutes and get the update (and more information) via the link here!
What do you think? – Let us know in the comments!
Phil Spencer has spoken out against what he calls "manipulative expansions"—additional content derived from material…
Razer has introduced the USB 4 Dock, a high-performance accessory designed to combine ultra-fast data…
A major supplier of GPU cooling components has indicated that we could see the arrival…
MSI first unveiled its top-tier AM5 motherboard, the MEG X870E GODLIKE, in August this year.…
80% UltraFast Recharging in 43 Minutes: Be ready for adventure in 43 minutes (100% in…
Powered by Intel's 13th Generation i7-13620H 10 Core Processor Dedicated NVIDIA GeForce RTX 4070 (140…