728 x 90

Dell patches RCE vulnerability in its SupportAssist tool

Dell patches RCE vulnerability in its SupportAssist tool

SupportAssist vulnerability could have affected masses of users DELL HAS SQUASHED a bug in its SupportAssist tool that could expose users of its laptops and desktops to remote code execution attacks. The vulnerability, labelled CVE-2019-3719, was discovered by 17-year-old cybersecurity researcher Bill Demirkapi, who noted that hackers could exploit a non-updated version of the tool

Dell patches RCE vulnerability in its SupportAssist tool

SupportAssist vulnerability could have affected masses of users

DELL HAS SQUASHED a bug in its SupportAssist tool that could expose users of its laptops and desktops to remote code execution attacks.

The vulnerability, labelled CVE-2019-3719, was discovered by 17-year-old cybersecurity researcher Bill Demirkapi, who noted that hackers could exploit a non-updated version of the tool to take over a user’s computer by gaining code execution at admin level privileges.

The job of SupportAssist is to automatically detect and install drivers, and it comes pre-installed on all Dell laptops and computers that come with a Windows OS. That means masses of Dell users could have been affected by the vulnerability, though there have been no reports of the bug being exploited out in the wild.

Demirkapi has the technical details, but in a nutshell, the vulnerability could be exploited by luring a Dell machine user to a malicious website loaded with JavaScript that could trick the SupportAssist tool into downloading files from a hacker-controlled location and then running them on the computer.

The SupportAssist tool runs with admin privileges, so its exploitation means the files and code it has been tricked into downloading can also be run with the same level of privileges.

As such, the exploit could lead to an entire system takeover by a remote hacker, though the malicious sort needs to be on the same network as the vulnerable Dell computer; not too much of a challenge is someone is tapping away on an XPS 13 connected to say a coffee shop’s public WiFi.

Demirkapi reported the vulnerability to Dell which has now released a patch and published an advisory.

That should mean the bug’s squashed, but folks who’ve stopped automatic updates on their Dell machines or organisations handling updates in-house should make sure the patch is applied to keep opportunistic hackers at bay. µ

Further reading

[ad_2]

Source link

Susan E. Lopez
ADMINISTRATOR
PROFILE

Posts Carousel

Leave a Comment

Your email address will not be published. Required fields are marked with *

Latest Posts

Top Authors

Most Commented

Featured Videos