The software for Sennheiser’s high-end headphones has been discovered to have a major security flaw which could potentially allow hackers access to a users’ personal details.
During a random check, security consulting firm Secorvo has found that Sennheiser’s HeadSetup and HeadSetup Pro softwares installed a root certificate into the Trusted Root CA Certificate store along with a non-unique private key.
This private key isn’t unique to each user, which is where the problem lies. It means that if someone is able to decrypt the key, they could then gain access to any of the affected users’ systems via faking a website and asking the user to enter their personal details.
To make matters worse, uninstalling the software itself doesn’t remove this trusted root certificate. So anyone who has ever installed the software is at risk.
Sennheiser has released an update that patches the issue and is imploring users both past and present to install it, even if they have since uninstalled an earlier version of HeadSetup.
So if you think you may have ever used this software on your PC or Mac, we highly recommend you install this update.
Millennial startup Mic sold itself to Bustle Digital Group for a reported $5 million, a fraction of the $60 million it raised, after financial problems including the impact of Facebook canceling a video show. But the Mic situation reveals broader challenges with the Facebook-funded shows, and the ongoing relationships between publishers and the social media...
Sheryl Sandberg, Facebook’s chief operating officer, reportedly requested research on billionaire George Soros, and wanted to see if the investor was shorting Facebook’s stock, the company said to multiple news organizations on Thursday. That news comes after it was revealed that Facebook had a relationship with the opposition-research firm, Definers Public Affairs. Definers has had...