comments (not for humans)
I can't say I'm a big fan of the software Acer ships with their laptops. A custom menubar in Windows taking 60 megabytes of memory? Encryption software that interferes when dragging and dropping files from explorer into MSN? No autoupdater? But last week I noticed some writing about an ActiveX control Acer ships with their software: Computer World Article (in norwegian). This ActiveX control called lunchapp.ocx is actually a backdoor.

And today I found an article describing how terribly easy it is to exploit this control: About Acer Notebook LunchApp.APlunch ActiveX Control..... By writing five lines of HTML code, you can actually run whatever application you want on the computer. This is truly a critical security error.

Update 17.01.2007:
Acer has now issued a patch which removes this vulnerability.
Dave Moyle
And that is why the first step of owning a new PC is to delete all existing HDD partitions and perform a clean OS install from Microsoft media.

Truly frightening
Comments closed for this post