via Engadget


A Polish security researcher calling himself porkythepig is apparently gunning hard for HP this month, first exposing a slew of vulnerabilities that affected 83 different HP and Compaq models ten days ago, and today releasing an exploit that allows an attacker to brick any HP or Compaq laptop.

The 'sploit takes advantage of a vulnerable ActiveX control in HP's Software Update, allowing a hacker to easily corrupt Windows kernel files, or even take control of the machine with a little more effort. Porkythepig says the bug affects HP and Compaq laptops running Windows 2000, XP, Server 2003 and Vista, and that simply disabling the Software Update mechanism may not prevent attackers from taking advantage of the vulnerability.

Even so, those of you out there running HP / Compaq machines may want to take a second to shut down Software Update until HP issues a patch.