Dell SupportAssist flawed.
Dell SupportAssist, is the software that checks the health, software, and hardware of your Dell system; so what happens when it is compromised?
A 17 year old independent security researcher, named Bill Demirkapi, has found such a issue. It is a critical remote code execution vulnerability that comes pre-installed on most Dell computers.
Dell SupportAssist runs quietly in the background of Dell computers and literally watches over your computer. It accepts commands as URL parameters to do things such as; collect detailed system information or download a software update and install it on your system.
“Access-Control-Allow-Origin” is supposed to have restrictions to make sure that it would only take commands from ‘dell.com’ website and domains, but remote hackers could have easily downloaded and installed malware from a remote server on affected Dell computers to take full control over them.
“An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites,” Multinational computer technology company Dell said in an advisory.
Dell SupportAssist Client versions prior to version 220.127.116.11, is affected by this vulnerability.
Dell patched that and another vulnerability in the SupportAssist software. Dell users should install the updated Dell SupportAssist 18.104.22.168 or newer, or uninstall the application. Otherwise the hackers can exploit the weaknesses and take control over users systems.
Tired of paying to much for your Managed Services?
Why not give our Essential packages a look! We have exactly what every type of business needs.