Microsoft, Huawei Fix Security Issue in Huawei Laptops
While Microsoft gives Huawei an attaboy for quick response to the security flaw, it's not a good look for Huawei.
Huawei MateBook laptops running the company's PCManager software included a backdoor that would let unprivileged users take over "superuser" privileges, according to a Microsoft report, which credit's Huawei assistance in finding and remediating the problem.
Huawei patched the software and issued an advisory in January.
Microsoft researchers say they spotted the flaw after investigating an alert raised by Microsoft Defender Advanced Threat Protection's kernel sensors. Microsoft reported the vulnerability to Huawei, "who responded and cooperated quickly and professionally," according to a Monday post by the Microsoft Defender Research Team, which goes into technical detail on how Microsoft discovered the source of the problem.
You're invited to attend Light Reading’s Big 5G Event! Formerly the Big Communications Event and 5G North America, Big 5G is where telecom's brightest minds deliver the critical insight needed to piece together the 5G puzzle. We'll see you May 6-8 in Denver -- communications service providers get in free!
The vulnerability is similar to a backdoor technique used by the NSA, according to a report on SC Magazine.
News of the backdoor is a bad look for Huawei -- at least at first. The US is accusing Huawei of installing backdoors in its networking gear, at the behest of the Chinese government. Huawei denies the accusations; the US has never provided proof of the existence of the backdoors and its finger-pointing has been met by skepticism in other countries.
In this specific case, Huawei acted promptly to mitigate and disclose a possible security problem -- and Microsoft acknowledges its efforts. Also, this particular vulnerability doesn't look Chinese in origin; its inspiration is reportedly red, white and blue.
Related posts:
— Mitch Wagner Executive Editor, Light Reading
About the Author(s)
You May Also Like