Patch/Configuration Management, Vulnerability Management

Dell SupportAssist bug leaves millions of PCs vulnerable

A vulnerability in Dell’s SupportAssist software, a software designed to protect users from vulnerabilities, has left millions of PCs vulnerable to remote takeover. 

SafeBreach security researchers discovered the high-severity vulnerability (CVE-2019-12280) which stems from a component in SupportAssist, which checks the health of system hardware and software and requires high permissions, according to a June 21 blog post.

No digital certificate validation is made against the binary when downloading a dynamic link library (DLL) so the program doesn’t validate whether the DLL that it will load is signed and will load an arbitrary unsigned DLL without any hesitation. 

As a result, a remote attack can exploit the flaw by tricking a victim into downloading a malicious file to a certain folder. PC-Doctor has released a patch for infected devices and users are advised to update as soon as possible.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.