-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:
https://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c05239646

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05239646
Version: 1

HPSBHF3549 ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege

NOTICE: The information in this Security Bulletin should be acted upon as soon
as possible.

Release Date: 2016-08-17
Last Updated: 2016-08-25

Potential Security Impact: System downtime, or privilege escalation.

Source: HP, HP Product Security Response Team (PSRT)

VULNERABILITY SUMMARY

A security vulnerability identified with UEFI firmware, dubbed ThinkPwn, has
been addressed in certain HP commercial notebook PCs and HP consumer notebook
PCs. The vulnerability could be exploited to run arbitrary code in System
Management Mode, resulting in elevation of privilege or denial of service.

References: CVE TBD PSR-2016-0068

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

See impacted products listed in the Resolution section of this document.

BACKGROUND

For a PGP signed version of this security bulletin please write to:
hp-security-al...@hp.com

CVSS 2.0 Base Metrics

  Reference                      Base Vector                      Base Score

CVE-TBD          Temp (AV:N/AC:H/Au:S/C:C/I:C/A:C)                Temp 7.1

Information on CVSS is documented in HP Customer Notice: HPSN2008002.

RESOLUTION

HP has provided firmware updates to address the vulnerability for HP PCs with
UEFI Firmware.

To acquire the firmware updates, go to hp.com and complete the following steps:

 1. On hp.com, select Support and then select Download Drivers.

 2. Enter your product name or number in the Find my product field.

 3. Choose the product from the returned search results.

 4. Choose the operating system.

 5. Under the Download Index, select BIOS, and download the BIOS version as
    listed in the table below.

 6. Follow the installation instructions to install the firmware update.

HP Commercial Notebook PC, Mobile Thin Client and      BIOS       HP SoftPaq
                   Tablet Model                      Version        Number

HP EliteBook 725 G2 Notebook PC                     01.42       sp76950

HP EliteBook 745 G2 Notebook PC                     01.42       sp76950

HP EliteBook 755 G2 Notebook PC                     01.42       sp76950

HP mt41 Mobile Thin Client                          01.41       sp76955

HP ProBook 4435s Notebook PC                        F.63        sp76954

HP ProBook 4436s Notebook PC                        F.63        sp76954

HP ProBook 4445s Notebook PC                        F.64        sp76961

HP ProBook 4446s Notebook PC                        F.64        sp76961

HP ProBook 445 G1 Notebook PC                       F.64        sp76956

HP ProBook 445 G2 Notebook PC                       01.41       sp76953

HP ProBook 4535s Notebook PC                        F.63        sp76954

HP ProBook 4545s Notebook PC                        F.64        sp76961

HP ProBook 455 G1 Notebook PC                       F.64        sp76956

HP ProBook 455 G2 Notebook PC                       01.41       sp76953

HP ProBook 645 G1 Notebook PC                       01.41       sp76945

HP ProBook 6465b Notebook PC                        F.63        sp76967

HP ProBook 6475b Notebook PC                        F.65        sp76962

HP ProBook 655 G1 Notebook PC                       01.41       sp76945

HP ProBook 6565b Notebook PC                        F.63        sp76967

          HP Consumer and SMB Notebooks               BIOS       HP SoftPaq
                                                    Version        Number

HP Pavilion 13-p100 thru 13-p199 x2 (AMD)          F.0A        sp76822

HP Pavilion 13z-p100 x2 (AMD)                      F.0A        sp76822

HP Pavilion 14-a000 thru 14-a099 (Intel)           F.27        sp76846

HP Pavilion 14-e000 thru 14-e199 (Intel)           F.27        sp76846

HP Pavilion 14-f000 thru 14-f099 Sleekbook (AMD)   F.0B        sp76823

HP Pavilion 14-n000 thru 199 (Intel)               F.70        sp76803

HP Pavilion 14-n200 thru 299 (Intel)               F.70        sp76803

HP Pavilion 14t-a000 (Intel)                       F.27        sp76846

HP Pavilion 14t-e100 (Intel)                       F.27        sp76846

HP Pavilion 14t-n100 (Intel)                       F.70        sp76803

HP Pavilion 14t-n200 (Intel)                       F.70        sp76803

HP Pavilion 14z-f000 Sleekbook (AMD)               F.0B        sp76823

HP Pavilion 15-e000 thru 15-e099 (Intel)           F.27        sp76846

HP Pavilion 15-e100 thru 15-e199 (Intel)           F.27        sp76846

HP Pavilion 15-n000 thru 199 (Intel)               F.70        sp76803

HP Pavilion 15-n200 thru 299 (Intel)               F.70        sp76803

HP Pavilion 15t-e000 (Intel)                       F.27        sp76846

HP Pavilion 15t-e100 (Intel)                       F.27        sp76846

HP Pavilion 15t-n100 (Intel)                       F.27        sp76846

HP Pavilion 15t-n200 (Intel)                       F.70        sp76803

HP Pavilion 17-e000 thru 17-e099 (Intel)           F.27        sp76846

HP Pavilion 17-e100 thru 17-e199 (Intel)           F.27        sp76846

HP Pavilion 17t-e000 (Intel)                       F.27        sp76846

HP Pavilion 17t-e100 (Intel)                       F.27        sp76846

HP Pavilion TouchSmart 14-f000 thru 14-f099        F.0B        sp76823
Sleekbook

HP Pavilion TouchSmart 14-n000 thru 199 Ultrabook  F.70        sp76803
(Intel)

HP Pavilion TouchSmart 14-n000 thru 299 (Intel)    F.70        sp76803

HP Pavilion TouchSmart 14-n200 thru 299 Ultrabook  F.70        sp76803
(Intel)

HP Pavilion TouchSmart 14t-n100 (Intel)            F.70        sp76803

HP Pavilion TouchSmart 14t-n100 Ultrabook (Intel)  F.70        sp76803

HP Pavilion TouchSmart 14t-n200 (Intel)            F.70        sp76803

HP Pavilion TouchSmart 14t-n200 Ultrabook (Intel)  F.70        sp76803

HP Pavilion TouchSmart 14z-f000 Sleekbook (AMD)    F.0B        sp76823

HP Pavilion TouchSmart 15-n000 thru 15-n299        F.70        sp76803
(Intel)

HP Pavilion TouchSmart 15t-n100 (Intel)            F.70        sp76803

HP Pavilion TouchSmart 15t-n200 (Intel)            F.70        sp76803

System management and security procedures must be reviewed frequently to
maintain system integrity. HP is continually reviewing and enhancing the
security features of software products to provide customers with current secure
solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the
attention of users of the affected HP products the important security
information contained in this Bulletin. HP recommends that all users determine
the applicability of this information to their individual situations and take
appropriate action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP will not be
responsible for any damages resulting from user's use or disregard of the
information provided in this Bulletin. To the extent permitted by law, HP
disclaims all warranties, either express or implied, including the warranties
of merchantability and fitness for a particular purpose, title and
non-infringement."

REVISION HISTORY

Version 1 2016-08-09

Copyright 2016 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or its
affiliates, subcontractors or suppliers will be liable for incidental,special
or consequential damages including downtime cost; lost profits;damages relating
to the procurement of substitute products or services; or damages for loss of
data, or software restoration. The information in this document is subject to
change without notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard Company in the
United States and other countries. Other product and company names mentioned
herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJYElOHAAoJEPRuzn0I+N3ZBqYQAJGSgloCzeuYUGUbiR/SgZJD
zjI5YTVjy33QLI+BHwDizylpS5s7i9lcic++RcyspfRCBwK/gWVfh1q4Zb8kxyBq
xruvGzdG+PfAMPwVhFWDIxLsQAMPUD3/lLt3RimTKiVP70gGWwlaeTJBwDfe4vZh
S6LeYg9G/R0/EFDnUxN6sMTVAsICo2f5/puzkUk1pshFDJQ5mR9Se1lrOgHL0jHl
Hw2pHey8JmTUI+ORzow82qpJ5BFwmzSz5h5lTGoiuhypWkoamzxAnel4vZrQroFT
2uSB8a2P3Ri1IgP1CgOKOOBrGpXdcZLOk/58KgxZTcdCJIRBVlRFPxrGlOSr4iDP
UxEHpGoCcFAT2pC+Q6HWfAEM2ctfjWDZKRvaHcDo6dosHwE+vUHNCt3I5su4M7nn
111kMWhN8yEKZLWoyyX8xCZQSGbW2vEH/iigI4jivbPayr4p19i/C196Z+odAWzg
jAF9FA71QneIyVNkyD835LZhIA7mdbMPNlAnP/atuds7ITDfPV57hVWPx0L6YUgH
HD2uFIAzX3NnLpTIO550IedPVb8PRWwZCo46D6P4WYReJbboZ5Jgx66Iud59kCOR
RlWEQQ0KZ/9u73VfMP3RqUGMC0LezP0nLuJ9Wgb/zo9naUXAfGO5DLPDTDMFjgSs
rGtaxS1YeGRPKhs6DJOQ
=cB28
-----END PGP SIGNATURE-----

Reply via email to