Energizer Announces Duo Charger and USB Charger Software Problem
ST. LOUIS, March 5, 2010 /PRNewswire via COMTEX/ — Energizer has been informed by the CERT Coordination Center (CERT) that the Windows software that was referenced and made available via a download with its Duo Charger, Model CHUSB, contains a vulnerability. Energizer introduced the Duo Charger in the United States and the USB Charger in Latin America, Europe and Asia in 2007. Both products charge Nickel Metal Hydride batteries from both a wall outlet and a USB connection. The product included a feature that would allow the user to view the battery charging status on a computer if associated software was installed. The Duo Charger product documentation referenced www.energizer.com/usbcharger to download the software. The site offered downloadable software in both Windows and Apple(R) versions; however only the Windows version contained the vulnerability.Energizer has discontinued sale of this product and has removed the site to download the software. In addition, the company is directing consumers that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer. This will eliminate the vulnerability. In addition CERT and Energizer recommend that users remove a file that may remain after the software has been removed. The file name is Arucer.dll, which can be found in the Window system32 directory.
Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software. Additional technical information can be found at http://www.kb.cert.org/vuls/id/154421.
{ 0 comments }
