
Samsung Windows Laptop Owners Urged To Download Fix To MitM Vulnerability


RV_


This is only for those who own a Samsung laptop.

 

Excerpt:

 

"Samsung laptop owners are being urged to update their Windows PCs after the discovery of a vulnerability that can allow remote attackers to download files onto a targeted system and gain complete control over the laptop.

 

The flaw is tied to a feature called “Samsung SW Update Tool 2.2.5.16” designed to keep Samsung laptop users’ drivers and software up to date. Security researchers at Core Security discovered the vulnerability in November 2015 and disclosed the flaw March 4 after Samsung issued the patch to fix the problem.

 

Affected Samsung laptops include all models running Windows 7, 8 and 10, Varela said. He said all earlier versions of the Samsung SW Update Tool also may contain the vulnerability. Varela said Core Security did not test earlier versions of the software, but suspects they also contain the flaw.

 

Samsung did not return a request for comment. Samsung laptop owners can download Samsung’s most recent version of its Software Update Tool (SWUpdate_2.2.7.20) to apply the patch.

 

“This flaw gives attackers the ability to perform a textbook man-in-the-middle attack,” Varela said in an interview with Threatpost. “Samsung made no attempt to encrypt or authenticate traffic between the software update tool and Samsung servers,” he said.

 

Varela said the attack would need to be carried out on a shared Wi-Fi or LAN network with the targeted PC. Next, a DNS Spoofing attack would be put in place that routes web traffic from the targeted machine through the attacker’s own system. This type of man-in-the-middle attack would allow a hacker to redirect webpage requests and return spoofed Samsung files that appeared to be drivers or software updates to the victim’s laptops.

 

In some cases, according to Varela, the Samsung software update tool was configured to automatically request driver updates, allowing the attacker to install files on the targeted PC without the user’s consent or knowledge.

 

Samsung users might want to use caution when seeking the most recent version of this software patch online. When Threatpost searched Google for an update for Samsung’s Software Update Tool a top search link pointed us to a Samsung website offering “troubleshooting” support for Samsung PC owners running Windows 8. Instead of offering the patched SWUpdate 2.2.7.20 version of the software, what appears to be an older version of the software (SWUpdate_2.1.6.45) was only available. A Samsung Windows 10 support page did offer the up-to-date version of the software."

 

See more with links to the official Samsung download site in the full article at: https://threatpost.com/samsung-windows-laptop-owners-urged-to-download-fix-to-mitm-vulnerability/116710/#sthash.lMIScMrF.dpuf

 

 

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire
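An added example, not part of the original post, the Threatpost article, or Samsung's software: the client-side checks whose absence the excerpt describes (authenticated transport, a digest match against trusted metadata, and no silent downgrade to an older build), plus a numeric check against the patched version 2.2.7.20. The manifest format, the `updates.example` host and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
from urllib.parse import urlsplit

PATCHED = (2, 2, 7, 20)  # fixed SW Update Tool version named in the article


def parse_version(text):
    """Turn 'SWUpdate_2.2.7.20' or '2.2.7.20' into (2, 2, 7, 20)."""
    return tuple(int(part) for part in text.rsplit("_", 1)[-1].split("."))


def is_patched(version):
    """Numeric comparison; comparing the strings would misorder 2.2.10 and 2.2.7."""
    return parse_version(version) >= PATCHED


def check_update(url, payload, manifest, installed):
    """Return the reasons to reject a download; an empty list means accept.

    manifest is a hypothetical dict {"version": ..., "sha256": ...} assumed to
    have been obtained over an authenticated channel.
    """
    problems = []
    if urlsplit(url).scheme.lower() != "https":
        problems.append("transport is not HTTPS")
    if hashlib.sha256(payload).hexdigest() != manifest["sha256"].lower():
        problems.append("payload digest does not match manifest")
    if parse_version(manifest["version"]) < parse_version(installed):
        problems.append("offered version is older than installed")
    return problems


# Constructed sample data (not real Samsung files, hosts or hashes).
GOOD = b"constructed sample installer bytes"
MANIFEST = {"version": "2.2.7.20", "sha256": hashlib.sha256(GOOD).hexdigest()}

if __name__ == "__main__":
    for name in ("SWUpdate_2.2.5.16", "SWUpdate_2.1.6.45", "SWUpdate_2.2.7.20"):
        print(name, "patched" if is_patched(name) else "older than the patch")
    print(check_update("https://updates.example/SWUpdate.exe", GOOD, MANIFEST, "2.2.5.16"))
    print(check_update("http://updates.example/SWUpdate.exe", b"spoofed", MANIFEST, "2.2.5.16"))
```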


Samsung is a hardware company that does not value its software people well, so they end up with second and third class software developers. This is just another example.

2004 40' Newmar Dutch Star DP towing an AWD 2020 Ford Escape Hybrid, Fulltimer July 2003 to October 2018, Parttimer now.
Travels through much of 2013 - http://www.sacnoth.com - Bill, Diane and Evita (the cat)
 


YW Rob, glad it helped!

 

Bill, I have seen that come and go with a lot of the current and past brands. Most, like Apple and HP/Dell, all have their computers built by Samsung or components rather than actually build them themselves. I think it is a shame when a major hardware player forgets that software makes the hardware sell. They also had no great success with either Bada OS or Tizen except for some phones.

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998



Archived

This topic is now archived and is closed to further replies.
