Security leak in HP Software Update

Only last week, HP had to close a critical hole in software preinstalled on some of its notebooks. Now, further security leaks have been discovered in another preinstalled component. The ActiveX module in HP's Software Update, which is designed to automatically look for updated drivers and vendor software, apparently can be accessed from websites. Attackers can use specially crafted websites to exploit some insecure functions in the module in order to create files on affected systems or to destroy or read existing files.

Read the article HERE.