HP Support Assistant Flaws May Expose PCs to Hackers

I must admit that I’m not personally a fan of ‘mainstream’ PC/laptop suppliers. Not necessarily because I have a problem with their quality, but because they often come packed with at least half-a-dozen pre-installed applications that I’d politely describe as bloatware. Of these, HP users will undoubtedly be aware of their ‘Support Assistant’ and, in a report via TechRadar, a security research group has found vulnerabilities within it that they believe may allow hackers to access the user’s PC.

HP Support Assistant Security Flaws!

Being discovered by security researcher Bill Demirkapi, he has found ‘several’ unpatched vulnerabilities within the HP Support Assistant app. He has (entirely understandably) not disclosed what they are. It is believed, however, that the security flaws could allow for the remote execution of files which could allow user privilege to be altered. A factor that could potentially permit malware files to be executed without the user noticing. This is, we should add, an issue specific to Windows users. Albeit, it was not disclosed if this was flaw was appertaining to certain operating systems. We would, however, presume that the main reference is towards Windows 10.

In the report, Bill Demirkapi has said:

“It is important to note that because HP has not patched three local privilege escalation vulnerabilities. Even if you have the latest version of the software, you are still vulnerable unless you completely remove the agent [the software] from your machine.”

What Should I Do?

Given that at least 3 of these security notices have not been corrected in the most recent (March) update to HP Support Assistant, it has been strongly advised (not by HP incidentally) that users immediately uninstall the software. Well, at least until the next official update comes out! Even then though, there’s no guarantee that these 3 specific issues will be corrected.

Incidentally, don’t think that you Dell or Lenovo owners have dodged a bullet here either. While not specifically citing any particular instances, Bill Demirkap has suggested that similar flaws may exist on their pre-installed ‘help’ applications as well. So, maybe you should double-check to see what came with your PC/laptop. Better safe than sorry, right?…

What do you think? Do you have HP Support Assistant installed on your system? Will you be removing it over these concerns? What’s your opinion on these ‘bloatware’ style of applications? – Let us know in the comments!