A young security researcher named Bill Demirkapi has discovered that Dell’s pre-installed software leaves computers and laptops open to hijacking.
The said vulnerability exists in the Dell SupportAssist app’s remote code execution. The software is used for updating drivers, adjust settings and clean out unused files. But after making certain modifications to the app, hackers can misuse it to install malware into your computer or take over your PC.
This exploit, however, is not open to any hacker out there as only attackers on the same local network as your PC can do it. Also, you have to visit a website controlled by the attacker to fully execute the hijack.
How it Works
Here’s a demonstration video by Bill Demirkapi, showing how the attack works.
ARVE Error: src mismatch
src in: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQ?feature=oembed&modestbranding=0&showinfo=0&rel=0&autoplay=1
src gen: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQActual comparison
src in: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQ?modestbranding=0&showinfo=0&rel=0&autoplay=1
src gen: https://www.youtube-nocookie.com/embed/0cTfnZ04jgQ
Dell, meanwhile, has responded to this by releasing a new patch; SupportAssist v184.108.40.206. Users are advised to update their SupportAssist app as soon as possible. If you haven’t received the patch yet, we advise you to uninstall the app until you get it.