Energizer released its line of rechargeable battery devices that use USB to charge batteries a while back. Among the line of chargers were the Duo Charger and the USB Charger. Energizer has unveiled that the software offered along with the chargers to allow users to view the charge status of the batteries has vulnerability in it.
The software had to be downloaded via the Energizer website and installed separately. The software was not required for the chargers to work with a Mac or PC. Energizer is reporting that only the Windows version of the software had the vulnerability in it, the Apple version is fine.
The software should be removed from the computer reports Energizer to eliminate the vulnerability. A file in the system32 directory in the registry needs to be removed as well called Arucer.dll. Energizer is working with the US government and CERT to determine how the vulnerability was added to the software. According to CERT, the vulnerability in the software allows remote access to a computer system provided the attacker with the ability to list directories, send, receive files, and execute programs.