Dell SupportAssist bug leaves millions of PCs vulnerable

News by Robert Abel

A remote attacker can exploit the flaw by tricking a victim into downloading a malicious file to a certain folder

A vulnerability in Dell’s SupportAssist, software designed to protect users from vulnerabilities, has left millions of PCs vulnerable to remote takeover.

SafeBreach security researchers discovered the high-severity vulnerability (CVE-2019-12280), which stems from a component in SupportAssist that checks the health of system hardware and software and requires high permissions, according to a June 21 blog post.

No digital certificate validation is performed on the binary when a dynamic link library (DLL) is downloaded, so the program does not check whether the DLL it is about to load is signed and will load an arbitrary unsigned DLL without hesitation.

As a result, a remote attacker can exploit the flaw by tricking a victim into downloading a malicious file to a certain folder. PC-Doctor has released a patch for affected devices and users are advised to update as soon as possible.
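The pre-load check the article says is missing, written as an added PowerShell example that is not code from the article, Dell, PC-Doctor or SafeBreach: before a DLL would be loaded, it verifies the file's Authenticode signature and confirms that the directory it sits in cannot be written by low-privilege groups, since a signed DLL in a user-writable folder can still be swapped out. The function name `Test-DllLoadSafety`, its parameters and the expected-signer placeholder are assumptions to be replaced with the real vendor values.

```powershell
# Added example (not from the article or from Dell/PC-Doctor): a defensive pre-load
# check for a DLL, covering the two conditions behind the flaw described above.
# Assumptions: the function and parameter names are mine; the expected signer
# subject is a placeholder for the real publisher string.

function Test-DllLoadSafety {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $DllPath,
        # Substring that must appear in the signer certificate's Subject (placeholder).
        [string] $ExpectedSignerSubject = 'CN=EXPECTED-VENDOR-PLACEHOLDER'
    )

    $problems = @()

    if (-not (Test-Path -LiteralPath $DllPath -PathType Leaf)) {
        return [pscustomobject]@{ Path = $DllPath; Safe = $false; Problems = @('file not found') }
    }

    # 1. Authenticode check: the step the vulnerable component skipped entirely.
    $sig = Get-AuthenticodeSignature -FilePath $DllPath
    if ($sig.Status -ne 'Valid') {
        $problems += "signature status is '$($sig.Status)': $($sig.StatusMessage)"
    }
    elseif ($sig.SignerCertificate.Subject -notlike "*$ExpectedSignerSubject*") {
        # A valid signature from the wrong publisher is still the wrong DLL.
        $problems += "signed by unexpected publisher '$($sig.SignerCertificate.Subject)'"
    }

    # 2. Directory check: a DLL that a standard user can replace is under the
    #    user's control even if it was correctly signed at install time.
    $dir = Split-Path -Parent (Resolve-Path -LiteralPath $DllPath).Path
    $lowPrivilegeGroups = @(
        'Everyone',
        'BUILTIN\Users',
        'NT AUTHORITY\Authenticated Users',
        'NT AUTHORITY\INTERACTIVE'
    )
    $writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
                 [System.Security.AccessControl.FileSystemRights]::Modify -bor
                 [System.Security.AccessControl.FileSystemRights]::FullControl
    foreach ($ace in (Get-Acl -LiteralPath $dir).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($lowPrivilegeGroups -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $writeMask) -ne 0) {
            $problems += "directory '$dir' grants $($ace.FileSystemRights) to $($ace.IdentityReference.Value)"
        }
    }

    [pscustomobject]@{
        Path     = $DllPath
        Safe     = ($problems.Count -eq 0)
        Problems = $problems
    }
}

# Usage: run the check over the DLLs a privileged service loads and review anything flagged.
# Get-ChildItem 'C:\Program Files\SomeVendor\*.dll' |
#     ForEach-Object { Test-DllLoadSafety -DllPath $_.FullName -ExpectedSignerSubject 'CN=SomeVendor' }
```

The signer-subject comparison matters as much as the validity check: a loader that accepts any valid signature will happily accept a DLL signed by an unrelated publisher, so pin the expected subject (or better, the certificate thumbprint) rather than stopping at `Status -eq 'Valid'`.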

This article was originally published on SC Media US.
