If you own a Dell, now is a good time to upgrade your system. Even though your PC was not manufactured by Dell, it is possible that a new, millions-of-two vulnerability applies to you.
SafeBreach Labs researchers found a fatal error on Dell's SupportAssist utility Monday. In addition, attackers can inject malicious code into your home or business PC and ultimately gain full control over the system through extended privileges.
This vulnerability allows attackers to replace harmless DLL files loaded with diagnostic scans with those with malicious content payload, originally reported on April 29. Dell confirmed the bug a month later and a fix was introduced late last month.
Alienware's Comprehensive Redesign for the Thinnest Gaming Laptops
Alienware announced at CES a major redesign with soft plastic, curved and …
Read more Read
SafeBreach Labs targets SupportAssist, a software preinstalled on most Dell PCs to check the health of system hardware. It is assumed that "such a critical service also has a high level of privilege to access the PC hardware than the ability to escalate privileges.
The researchers found that the application loads .dll files from a folder that users can access, meaning that the files can be replaced and used to load and execute a malicious payload.
There are concerns that the bug also affects third-party PCs.
SupportAssist is a renamed version of the Windows Hardware Diagnostic Tool PC-Doctor Toolbox. This product has also been renamed to Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool and Tobii Dynavox Diagnostic Tool vendor. To resolve this error, either download automatic updates or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here).
You can read a full version of SafeBreach Labs reports here.