San Francisco, March 22 (SocialNews.XYZ) Cyber security researchers have found critical vulnerabilities in a popular student monitoring software being used in the remote learning times, which could be used by hackers to gain full access over students computers, compromising their security and privacy.
The McAfee Labs Advanced Threat Research team recently investigated a software called Netop Vision Pro produced by Netop and installed on computers used in several schools.
They discovered four previously unreported critical issues.
"These findings allow for elevation of privileges and ultimately remote code execution, which could be used by a malicious attacker, within the same network, to gain full control over students' computers," McAfee researchers said in a statement on Sunday.
They reported the issues with Netop, and the company delivered an updated version in February, effectively patching many of the critical vulnerabilities.
Netop Vision Pro allows teachers to perform tasks remotely on the students' computers, such as locking their computers, blocking web access, remotely controlling their desktops, running applications, and sharing documents.
Netop Vision Pro is mainly used to manage a classroom or a computer lab in a K-12 environment and is not primarily targeted for eLearning or personal devices.
In other words, the Netop Vision Pro software should never be accessible from the internet in the standard configuration.
"However, as a result of these abnormal times, computers are being loaned to students to continue distance learning, resulting in schooling software being connected to a wide array of networks increasing the attack surface," the researchers noted.
Netop provides all software as a free trial on its website, which makes it easy for anyone to download and analyse it.
"The network traffic is still unencrypted, including the screenshots of the student computers but Netop has assured us it is working on implementing encryption on all network traffic for a future update," McAfee researchers said.
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz