DELL HAS SQUASHED a bug in its SupportAssist tool that could expose users of its laptops and desktops to remote code execution attacks.
The vulnerability, labelled CVE-2019-3719, was discovered by 17-year-old cybersecurity researcher Bill Demirkapi, who noted that hackers could exploit an unpatched version of the tool to take over a user's computer by gaining code execution with admin-level privileges.
The job of SupportAssist is to automatically detect and install drivers, and it comes pre-installed on Dell laptops and desktops that ship with a Windows OS. That means masses of Dell users could have been affected by the vulnerability, though there have been no reports of the bug being exploited out in the wild.
The SupportAssist tool runs with admin privileges, so anything an attacker can trick it into downloading and executing runs with that same level of privilege.
As such, the exploit could lead to an entire system takeover by a remote hacker, though the malicious sort needs to be on the same network as the vulnerable Dell computer; not too much of a challenge if someone is tapping away on an XPS 13 connected to, say, a coffee shop's public WiFi.
Demirkapi reported the vulnerability to Dell which has now released a patch and published an advisory.
That should mean the bug's squashed, but folks who've stopped automatic updates on their Dell machines or organisations handling updates in-house should make sure the patch is applied to keep opportunistic hackers at bay. µ