A young security researcher named Bill Demirkapi has discovered that Dell’s pre-installed software leaves computers and laptops open to hijacking.
The said vulnerability exists in the Dell SupportAssist app’s remote code execution. The software is used for updating drivers, adjust settings and clean out unused files. But after making certain modifications to the app, hackers can misuse it to install malware into your computer or take over your PC.
This exploit, however, is not open to any hacker out there as only attackers on the same local network as your PC can do it. Also, you have to visit a website controlled by the attacker to fully execute the hijack.
How it Works
The attackers simply need to trick the user into clicking on a website. The website then runs malicious JavaScript code which is usually hidden inside ads on legitimate websites, which then allows the attacker to gain the access he needs.
Here’s a demonstration video by Bill Demirkapi, showing how the attack works.
ARVE Error: src mismatch
provider: youtube
url: https://youtu.be/0cTfnZ04jgQ
src in org: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQ?feature=oembed&modestbranding=0&showinfo=0&rel=0&autoplay=1
src in mod: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQ?modestbranding=0&showinfo=0&rel=0&autoplay=1
src gen org: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQ
Fix
Dell, meanwhile, has responded to this by releasing a new patch; SupportAssist v3.2.0.90. Users are advised to update their SupportAssist app as soon as possible. If you haven’t received the patch yet, we advise you to uninstall the app until you get it.
Mere Ghar Ka Home PC Pe Bhi Hoga ?
DELL Core2Dou Main Bhi ?
If you have the Dell SupportAssist app not running the latest version then yes you’re at risk.
Oh Thank God, I am Not Running this App