Quote:Millions of devices running the HP Omen Gaming Hub were using on a driver with a bug that could give attackers kernel-mode access without administrator privileges.
HP has since released a patch, but a new report on the flaw (CVE-2021-3437) from researchers from SentinelLabs details how the gaming software was built in part by copying code from a problematic open-source driver called WinRing0.sys.
HP Omen Gaming Hub is software that comes pre-installed on HP Omen desktops and laptops and functions as an optimizer for playing games, making automatic adjustments to fan speeds, lighting and accessory controls for the best gaming experience, SentinelLabs’ report explained.
Vulnerable HP OMEN Versions:
- HP OMEN Gaming Hub prior to version 11.6.3.0
- HP OMEN Gaming Hub SDK Package prior to version 1.0.44
Read more: HP Omen Hub Exposes Millions of Gamers to Cyberattack | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
