Dell has disclosed a new critical vulnerability earlier today. This flaw yet again concerns the Dell SupportAssist pre-loaded software. The flaw was discovered by SafeBreach and detailed by security researcher Peleg Hadar. The reports reveal another high-level breach that allows any remote hacker to access root-level DLLs, and then insert malicious code at the deep system-level thereby taking over a system and gain access to the physical storage device of a laptop or a PC. The vulnerability, CVE-2019-12280, was identified in Dell’s SupportAssist application for business (version 2.0) and home PCs (version 3.2.1 and prior).
Since Dell’s SupportAssist has admin-level access to your Windows machine which automatically installs updates, allowing a third party to take advantage of this vulnerability to install malicious code hiding within what are known as dynamic link library files, or DLL files. “According to Dell’s website, SupportAssist is preinstalled on most of Dell devices running Windows. This means that as long as the software is not patched, the vulnerability affects millions of Dell PC users,” explains SafeBreach researcher Peleg Hadar.
It is also important to note that Dell recently encountered a similar vulnerability with the SupportAssist software. This vulnerability allowed attackers on the same internet network to take over machines remotely and gain root-level access. This, in turn, would lead to a flaw where attackers would insert ransomware and other malicious code, and Dell being one of the biggest OEMs for laptops and PCs, represented a great security risk that has been recurrent in nature.
However, the good news is that Dell has already issued an update and “recommends all customers to update at the earliest opportunity.” A whole step-by-step guide can also be found on its security advisory page.