Microsoft 10 MateBooks Vulnerable Due to Faulty Huawei Software
Microsoft security researchers discovered a vulnerability in the Huawei PCManager driver software used in the MateBook line of Microsoft 10 laptops. The flaw was detected by updated kernel sensors designed to detect malware like DoublePulsar, the delivery vehicle for WannaCry. After reverse-engineering the driver “HwOs2Ec10x64.sys," researchers were able to deduce that the defective Huawei software can permit the attacker to create a malicious version of MateBookService.exe. This allows the attacker to run code with low privileges to read and write to other processes or to kernel space, leading to a "full machine compromise." According to the report, the vulnerability, CVE-2019-5242, has a severity score of 7.3 out of a possible 10. Huawei has released software updates to fix these vulnerabilities. The NJCCIC recommends users of Windows 10 MateBooks to patch systems as updates become available, and ensure they are running the most current, up-to-date version of their operating system.