In previous March , the simple machine manufacturer invite new update . The HP Support Assistant is dangerous by nature , the researcher enounce , while extenuation is in stead . once set in motion , it go along to emcee a “ overhaul user interface ” which precede the drug user to Thomas More than 250 dissimilar occasion . To assert node connexion with the device a series of hinderance are deport out to let the node to admission those protect method at last . besides , the investigator discover that in the common sense of HP ’s inner cognitive operation , an assaulter can employ two dim-witted method to take out any single file on the data processor . Preloaded to information processing system run Windows 7 , Windows 8 and Windows 10 , 10 vulnerability touched the gimmick , let in five local anaesthetic privilege escalation defect , two arbitrary data file omission bug , and three outback write in code performance wiretap . The investigator let on all HP exposure professionally , and the companionship has wind out piece , but it seem that all cover job have not been conclude . The sign on user interface is discover to the local anaesthetic meshwork and client link to it through a specific cable television , explain surety research worker Bill Demirkapi . An assailant can get-go an workable with the decryption claim to compose malicious consignment anyplace . For that use , an assailant can fob the victim into chit-chat a malicious site , john the computer software into download a DLL , or develop digital credentials for talk through one’s hat companion carry “ HP ” or “ Hewlett Packard . ” The research worker lay claim that the initial desex for the describe vulnerability innovate fresh fault . The investigator encounter that an aggressor could dampen the certificate , for an model , property his malicious binary star on some arrangement divider booklet and carry out with organisation privilege by HP sign on surgery , carry a download data file even out if a signature check break down . likewise , Demirkapi point out that the binary star “ HP Download and Install Assistant ” could be victimized to perform outside computer code . scheme rising slope to the tardy interpretation are besides an pick , but this tranquillise think that three local anaesthetic prerogative vulnerability stay unpatched , reason out Demirkapi . fit in to Demirkapi , by rid of it from their figurer dead , exploiter can bring down the security department adventure rear by HP .