Huawei Patches MateBook Vulnerability Previously Used In NSA-Style Attacks
Huawei is no stranger to a good security blunder, and the company appears to have fixed one of its most recent. The Chinese company has patched a flaw in some of its MateBook notebook computers that could have allowed someone to take control of the computer and then act maliciously. The bug itself was originally discovered by Microsoft and then patched by Huawei back in January.
What’s most interesting here is that the bug, part of Huawei’s PCManager software, used the same technique that the NSA previously used. And yes, it’s a technique that was later leaked and then used in attacks.
While there is no indication that the NSA was anywhere near any of this, it’s interesting that the app that made any of this possible was even there in the first place. According to Ars Technica, the app essentially duplicates functionality that Windows 10 has built right in. That means that this flaw never needed to exist in the first place.
None of this will come as too much of a surprise to anyone who has been following Huawei. The company was just last week the subject of a UK government report that found “serious vulnerabilities in Huawei products” and given the stance of the US government with regards to Huawei and its security, things aren’t looking great for the company’s ability to work with many governments moving forward.
There is obviously something wrong with security inside Huawei, whether by design or by accident. It doesn’t matter why things are going awry, ultimately, but the fact some Huawei products seem to be fundamentally insecure is a problem for all of us.