A vulnerability in Dell’s SupportAssist, software intended to keep PCs patched and healthy, has left millions of PCs open to privilege escalation: an attacker able to get a file into the right folder could run code with SYSTEM privileges.
SafeBreach security researchers disclosed the high-severity vulnerability (CVE-2019-12280) in a June 21 blog post. It stems from a third-party component bundled with SupportAssist, PC-Doctor’s hardware-diagnostics toolbox, which checks the health of system hardware and software and for that reason runs as a high-privilege (SYSTEM) service.
The component loads dynamic link libraries (DLLs) by name without validating the digital signature of the file it finds, so it never checks whether the DLL it is about to load is signed. Because Windows resolves an unqualified DLL name by walking the standard search order, including every directory listed in the system PATH, the privileged service loads whatever DLL of that name it encounters first, signed or not. Any of those directories that a standard user can write to therefore becomes a place to plant code that will execute as SYSTEM.
As a result, an attacker with low-privileged access to the machine, or one who tricks a victim into saving a malicious DLL into such a folder, can exploit the flaw to escalate to SYSTEM. PC-Doctor has released a patch for affected devices, and Dell has shipped fixed SupportAssist builds (version 2.0.1 for Business PCs and 3.2.2 for Home PCs); users are advised to update as soon as possible.
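The precondition this class of DLL search-order hijack needs is a directory on the machine-wide PATH that a standard user can write to. The PowerShell audit below is an added example, not code from the SafeBreach post, Dell or PC-Doctor; it walks the machine PATH and reports entries that are missing or that grant write rights to low-privilege identities. The list of identities and the rights mask are assumptions about what counts as a "standard user" and should be adjusted for your environment.

```powershell
# Added example: audit the machine-wide PATH for directories a standard user can
# write to. A SYSTEM service that resolves a DLL by bare name probes these
# directories in order, so a user-writable one lets an unsigned DLL run as SYSTEM.
# Identity list and rights mask are assumptions; tune them for your environment.

$lowPrivIdentities = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that let a principal drop or replace a file in the directory.
# (WriteData and CreateFiles are the same bit; both are listed for readability.)
$writeMask = [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
             [System.Security.AccessControl.FileSystemRights]::WriteData -bor
             [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

function Get-WritablePathDirs {
    # The machine PATH is what a service inherits; the per-user PATH is
    # irrelevant to a process running as SYSTEM.
    $machinePath = [Environment]::GetEnvironmentVariable('Path', 'Machine')
    $entries = $machinePath -split ';' | Where-Object { $_ -and $_.Trim() }

    foreach ($entry in $entries) {
        $dir = [Environment]::ExpandEnvironmentVariables($entry.Trim())

        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            # A PATH entry that does not exist is worth flagging too: whoever can
            # create that directory (a writable parent) gets the same outcome.
            [pscustomobject]@{ Directory = $dir; Issue = 'missing'; Identity = $null; Rights = $null }
            continue
        }

        try { $acl = Get-Acl -LiteralPath $dir -ErrorAction Stop } catch { continue }

        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($lowPrivIdentities -notcontains $ace.IdentityReference.Value) { continue }
            # Cast to int so generic-rights values (which appear negative) mask correctly.
            if (([int]$ace.FileSystemRights -band [int]$writeMask) -eq 0) { continue }

            [pscustomobject]@{
                Directory = $dir
                Issue     = 'user-writable'
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
            }
        }
    }
}

Get-WritablePathDirs | Format-Table -AutoSize
```

Run it from an elevated prompt so every directory's ACL can be read. Any `user-writable` hit that appears in the PATH before the directory holding the legitimate DLL is the location a planted copy would be loaded from. To learn which DLL names a given privileged process probes, run Process Monitor filtered on that process with Result equal to `NAME NOT FOUND` and Path ending in `.dll`; each such entry is a load attempt that the search order will satisfy from whichever directory supplies the file first.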
This article was originally published on SC Media US.