HP has made available an updated version of its Support Assistant tool to address a high-severity flaw that could be exploited to gain elevated privileges on vulnerable systems. Support Assistant comes pre-installed on HP laptop and desktop computers, as well as on Omen devices. The flaw is a DLL hijacking issue that occurs when Support Assistant launches Performance Tune-up. HP recommends that users upgrade to the latest 9.x release of Support Assistant; HP will not be making a fix available for version 8.x.
Note
- Make sure that you are keeping any OEM-provided software updated if your imaging processes don't remove it, and also scan for its re-introduction. The HP Support Assistant CVE-2022-38395 has a CVSS 3.0 score of 8.2, in part because the tool is already running with system privileges. The attack, while simple to exploit, requires a foothold on a system prior to exploitation, which provides some cushion; don't sit on forcing the update.
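As an added example of the inventory check the note calls for (not HP's code or part of the advisory), the following PowerShell function reports whether HP Support Assistant is installed on a Windows endpoint and whether it is below the 9.x line HP still maintains. It assumes the product registers a standard Uninstall entry whose DisplayName contains "HP Support Assistant" and whose DisplayVersion is a dotted version string; adjust the name pattern if your fleet differs.

```powershell
# Added example: HP Support Assistant version inventory for a Windows endpoint.
# Assumption (not from the advisory): the tool appears under the standard
# Uninstall registry keys with DisplayName like "*HP Support Assistant*".
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-HpSupportAssistantStatus {
    [CmdletBinding()]
    param(
        # Lowest major version HP still fixes: 9.x per the advisory, 8.x gets no fix.
        [int]$MinimumMajor = 9
    )

    $entries = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*HP Support Assistant*' }

    if (-not $entries) {
        # Not installed: fine for a hardened image, but re-run this check on a
        # schedule, since OEM update channels can reintroduce the tool.
        return [pscustomobject]@{ Installed = $false; Version = $null; NeedsUpdate = $false }
    }

    foreach ($e in $entries) {
        $ver = $null
        $parsed = [version]::TryParse([string]$e.DisplayVersion, [ref]$ver)
        # An unparseable version string is flagged for review rather than ignored,
        # so a malformed or missing DisplayVersion never reads as "compliant".
        $needsUpdate = (-not $parsed) -or ($ver.Major -lt $MinimumMajor)
        [pscustomobject]@{
            Installed   = $true
            Version     = $e.DisplayVersion
            NeedsUpdate = $needsUpdate
        }
    }
}

# Run on the endpoint, e.g. from an RMM job or a scheduled compliance task.
Get-HpSupportAssistantStatus | Format-Table -AutoSize
```

Any row with NeedsUpdate set to True is a host still on an unsupported 8.x build (or one whose version could not be read) and should be pushed to the current 9.x release.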