Monday, March 8, 2010

Battery Chargers Be Warned


Energizer®'s USB Port Duo Battery Charger, which charges your batteries via your computer's USB port, has backdoor that may allow a remote attacker to view files or launch software. The software is supposed to allow the user to see how the battery charging progresses is going on. It also loads a .dll and sets it to load automatically every time the computer is started by adding to Windows Start-Up and launching arucer.dll.

I just want to know who thought this was a good idea anyway? Wait only 10 hours to charge two AA rechargeable batteries and stress my USB port's power, were do I pickup one of these gems?!!? :P



References:

http://www.kb.cert.org/vuls/id/154421
http://www.us-cert.gov/current/index.html#engergizer_duo_usb_battery_charger
http://www.energizer.com/SiteCollectionDocuments/pdf/rechargeable/chusb_instructions_english.pdf

1 comment:

Richard C. Lambert said...

It also loads a .dll and sets it to load automatically every time the computer is started by adding to Windows Start-Up and launching arucer.dll.travel batteries