Dell urges all customers to update their SupportAssist software ASAP. The announcement comes after a cybersecurity company identified a vulnerability that allows hackers to completely take over a PC. According to Dell, the problems affect both business and home PCs.
Is there another doctor in the house?
For those of you who don’t own a Dell, SupportAssist is software that monitors your PCs and makes repairs on the go. It’s like AVG Tune-Up Utilities or CCleaner, only with Dell’s signature written all over it.
Developed for the company by cybersecurity startup from Nevada, SupportAssist can help you deal with all manner of issues such as hard-disk errors, perform minor tweaks, defrag drives, and more.
Now, according to SafeBreach, the company who pointed out this vulnerability, the SupportAssist issue, dubbed CVE-2019-12280, should be addressed as soon as possible.
Why? Because the software has system-type privileges, meaning that any malware code injected via SupportAssist can permeate and cripple every sensitive component.
So, how bad is it? Very bad. Peleg Hadar, one of SafeBreach’s security specialists, declared that hackers could take anything from your PC and not leave a trace behind.
What’s even more worrying is the fact that PC-Doctor, one of SupportAssist’s distant cousins, is installed on over 100 million home and business computers.
According to SafeBreach’s Proof-of-Concept, the issue was related to a defective dynamic link libraries file that can potentially allow the hackers to gain system-level privileges.
Since the DLLs were shot to Hell and back, the attacker could have injected malicious code into SupportAssist by piggybacking on the defective DLLs.
As every software requires DLLs in order to run, spreading than malware code is a breeze – the hacker only needs to inject the viral payload into a defective DLL or delete one and replace with a pre-scripted one.
The result is more than obvious – your computer will no longer be a computer, but someone else’s toy or, should I say, I treasure trove of info just waiting to be pillaged.
So far, no incidents have been reported. Still, there’s no way of telling for sure. Now, according to Dell, the only way to prevent complete takeover via the DLL vulnerability is to update your SupportAssist to the latest version.
You can do that through Dell’s Download Center. If this method doesn’t work, you can always download the update manually from Dell’s Support page.
In case you’re running a version older than 2.0 (business edition) or 3.2.1 (home edition) you should also consider running a thorough malware scan to make sure your computer’s safe.
Should you be worried about running an unpatched version of SupportAssist? I would. Your computer’s free real-estate for hackers.
So, as a cagy homeowner, you should definitely put up the “trespassers will be shot on sight, survivors will be shot again” sign by installing the update as soon as possible.
You should do it right now (hint, hint). What’s your take on this whole wormable DLL quagmire? Head to the comments section and let me hear your thoughts. Oh, by the way; did I mention you should update your SupportAssist?