The US Computer Emergency Readiness Team (US-CERT) has warned users of Acer notebooks that a pre-installed ActiveX control could be used by hackers to take over vulnerable computers.
According to the agency, if a hacker convinced a user to visit a website using Internet Explorer, they could subvert the system by running arbitrary code with the privileges of the user. The Acer LunchApp ActiveX control is provided by LunchApp.ocx. It contains a method called Run(), which takes three parameters: Drive, FileName, and CmdLine.
"Although the control is not inherently marked as safe for scripting via the IObjectSafety interface, it may be distributed with the appropriate Implemented Categories registry key to make it safe for scripting," the agency said on its website. "This means that a web page in Internet Explorer can call the Run() method of the control."
Acer issued an update called Acer Preload Security Patch for Windows XP. This patch unregisters and deletes the LunchApp.ocx file if it is present in the Windows System directory.
The vulnerability was originally discovered by Tan Chew Keong. He wrote on his blog that he found the vulnerability on his Acer TravelMate 4150 notebook and the ActiveX control was part of the suite of applications distributed on Acer notebooks going as far back as November 1998.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
