
Fujitsu Lifebook A512 Out Of Date
Posted May 6, 2013
Authored by Stefan Kanthak

The Fujitsu Lifebook A512 with Windows 8 Professional x64 factory preinstallation ships with out-of-date, vulnerable components and insecure installations.

tags | advisory
systems | windows
SHA-256 | 149be66ca877ed618264fb078501befafb7a2310c8c9244bbcb494a5d08d46b6

Hi @ll,

Fujitsu's <http://www.fsc-pc.de/> factory preinstallation (as
found on a Fujitsu Lifebook A512 purchased a month ago) of
Windows 8 Professional x64 (I'm VERY confident that other
variants of Fujitsu's Windows 8 factory installation are just
the like) has the following vulnerabilities which can lead to
code execution in the context of the LocalSystem account.


A. Command lines with unquoted paths containing spaces:

A.1: Norton INSecurity Suite 201x

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NIS]
"UninstallString"="C:\\Program Files (x86)\\NortonInstaller\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\NIS\\A5E82D02\\20.0.0.136\\InstStub.exe /X /ARP"


A.2: FJ camera installer

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}]
"UninstallString"="C:\\Program Files (x86)\\InstallShield Installation Information\\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\\setup.exe -runfromtemp -l0x0009 -removeonly"


A.3: Intel MEI driver installer

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]
"UninstallString"="C:\\Program Files (x86)\\Intel\\Intel (R) Management Engine Components\\Uninstall\\setup.exe -uninstall"


A.4: Intel graphics driver installer

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]
"UninstallString"="C:\\Program Files (x86)\\Intel\\Intel (R) Processor Graphics\\Uninstall\\setup.exe -uninstall"


JFTR: all these "driver installers" are completely superfluous!

WHQL-signed drivers (a precondition for x64) have an *.INF
(a precondition for WHQL qualification) with all necessary
instructions, Windows 95 (!) and later find these *.INF via

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion]
"DriverPath"="C:\Windows\Inf;<more paths>;..."


A.5: Intel OpenCL SDK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}]
"UninstallString"="C:\\Program Files (x86)\\Intel\\OpenCL SDK\\2.0\\Uninstall\\setup.exe -uninstall"


Additionally various preinstalled applications come with vulnerable
and/or outdated 3rd-party components.


B. Vulnerable and/or outdated 3rd-party components in multiple (mostly)
superfluous applications:

B.1: Version 1.2.3 of ZLIB1.DLL (<http://zlib.net/>)
in "C:\Program Files\Intel\WiFi\bin\"

From <http://zlib.net/>:

| All users are encouraged to upgrade immediately.


B.2: SSLEAY32.DLL and LIBEAY32.DLL from version 1.0.0g of OpenSSL
(<http://www.openssl.org/>)
in "C:\Program Files\Intel\iCLS Client\"
and "C:\Program Files (x86)\Intel\iCLS Client\"


B.3: Version 9.0.30729.4926 of MSVC*90.DLL alias "Microsoft Visual
C++ 2008 SP1 Runtime"
in "C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86\"
and "C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64\"

See <http://support.microsoft.com/kb/2538243> resp.
<http://technet.microsoft.com/security/bulletin/ms11-025>
as well as <http://support.microsoft.com/kb/835322> to avoid
such silly errors!


B.4: Version 9.0.21022.8 of MSVC*90.DLL alias "Microsoft Visual C++
2008 RTM Runtime"
in "C:\Program Files (x86)\CyberLink\YouCam\subsys\PyFaceLogin\"

Same as B.3.


B.5: Version 8.0.50727.42 of MSVC*80.DLL alias "Microsoft Visual C++
2005 RTM Runtime"
in "C:\Program Files (x86)\CyberLink\YouCam\subsys\YouCam\"
and "C:\Program Files (x86)\CyberLink\YouCam\subsys\YouCam\MPEG\"

This version is end-of-life and has known but UNFIXED vulnerabilities,
see <http://technet.microsoft.com/security/bulletin/ms09-035>
and <http://technet.microsoft.com/security/bulletin/ms11-025>


B.6: Version 10.0.40219.1 of MSVC*100.DLL alias "Microsoft Visual C++
2010 SP1 Runtime" in MULTIPLE subdirectories of
"C:\Program Files (x86)\Norton Internet Security\Engine\"
and "C:\Program Files (x86)\NortonInstaller\"

See <http://support.microsoft.com/kb/2565063> resp.
<http://technet.microsoft.com/security/bulletin/ms11-025>
as well as <http://support.microsoft.com/kb/835322> to avoid
such silly errors!


JFTR: the current version 10.0.40219.325 of "Microsoft Visual C++
2010 SP1 Runtime" is but installed in "C:\Windows\System32\"
as well as "C:\Windows\SysWoW64\", the private copies made by
Norton INSecurity are superfluous too!


B.7: Version 5.2.7127.0 of GDIPLUS.DLL
in "C:\Program Files (x86)\Cyberlink\YouCam\OLRSubmission\"
and "C:\Program Files (x86)\Cyberlink\YouCam\subsys\BigBang\Runtime\"

GDIPLUS.DLL is a Windows system component which MUST NOT be
redistributed and installed by 3rd party software.

Windows 8 contains version 6.2.9200.16384 and newer of this DLL.


B.8: Version 7.0.7127.0 of MSVCP60.DLL
in "C:\Program Files (x86)\Cyberlink\YouCam\subsys\BigBang\Runtime\"

MSVCP60.DLL is a Windows system component which MUST NOT be
redistributed and installed by 3rd party software.

Windows 8 contains version 6.2.9200.16384 and newer of this DLL.


JFTR: no, I don't blame Fujitsu for the faults of Norton/Symantec,
InstallShield, Intel or Cyberlink, but I blame Fujitsu for
including this superfluous crapware in their factory
preinstallation!


Timeline:
~~~~~~~~~

2013-04-22 informed vendor

2013-04-24 vendor replied:
the preinstalled software has been selected according to
current standards and was qualified by us, but we don't
guarantee anything; it's the responsibility of their resp.
vendors to provide updates, so look yourself for updates
and security fixes.

2013-04-26 asked vendor:
please elaborate your "standards" and your qualification
process

no answer

2013-05-05 report published


Stefan Kanthak
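
Added example (not part of the original advisory): a Python audit for the pattern listed in section A, which reads .reg-style export text, flags every UninstallString that begins with an unquoted program path containing spaces, and emits the correctly quoted replacement. The sample input is constructed from entries A.1 and A.3 plus one hypothetical, correctly quoted entry; the function names and the extension-based path-boundary heuristic are assumptions.

```python
import re

# Constructed sample: .reg-style export with entries A.1 and A.3 from the
# advisory plus one hypothetical, correctly quoted entry for contrast.
SAMPLE_REG = r'''
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NIS]
"UninstallString"="C:\\Program Files (x86)\\NortonInstaller\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\NIS\\A5E82D02\\20.0.0.136\\InstStub.exe /X /ARP"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]
"UninstallString"="C:\\Program Files (x86)\\Intel\\Intel (R) Management Engine Components\\Uninstall\\setup.exe -uninstall"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExampleQuoted]
"UninstallString"="\"C:\\Program Files\\Example\\uninst.exe\" /S"
'''

VALUE = re.compile(r'^"UninstallString"="(.*)"$')
# Heuristic (assumption): the program path ends at the first executable
# extension that is followed by whitespace or the end of the string.
EXE_END = re.compile(r'\.(?:exe|com|bat|cmd)(?=\s|$)', re.IGNORECASE)

def audit(cmd):
    """Return a properly quoted command line if cmd begins with an
    unquoted program path containing spaces, otherwise None."""
    if cmd.startswith('"'):
        return None
    m = EXE_END.search(cmd)
    if m is None or ' ' not in cmd[:m.end()]:
        return None
    return '"' + cmd[:m.end()] + '"' + cmd[m.end():]

def scan(reg_text):
    """Return a list of (registry key, original command, quoted replacement)."""
    findings, key = [], None
    for line in (l.strip() for l in reg_text.splitlines()):
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
        m = VALUE.match(line)
        if m:
            cmd = re.sub(r'\\(.)', r'\1', m.group(1))  # undo .reg escaping
            fixed = audit(cmd)
            if fixed:
                findings.append((key, cmd, fixed))
    return findings

if __name__ == '__main__':
    for key, cmd, fixed in scan(SAMPLE_REG):
        print(f'{key}\n  unquoted: {cmd}\n  quoted:   {fixed}')
```
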

