Tue. Aug 11th, 2020

Researchers Discover Vulnerability in Dell’s SupportAssist

A serious security vulnerability in Dell’s SupportAssist software has been disclosed. Dell quickly released a patch for the vulnerability, so if you have a Dell PC, you should update it.


Dell’s SupportAssist software is designed, in part, to protect your computer from security vulnerabilities. But researchers at SafeBreach discovered that SupportAssist has a vulnerability of its own that makes running older versions of the software a risk to your system.


In a blog post, security researchers targeted SupportAssist with the assumption being that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.”


What the researchers found is that the application loads DLL files from a folder accessible to users, meaning that attackers could replace harmless DLL files with ones bearing a malicious payload and eventually gain full control of the system through privilege escalation.


There are concerns that the vulnerability doesn’t just affect Dell PC’s. That’s because the affected version of SupportAssist is found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool.


SupportAssist software is pre-installed on most Dell PC’s, so according to SafeBreach researcher, Peleg Hadar, “as long as the software is not patched, the vulnerability affects millions of Dell PC users.”


The most effective way to prevent DLL hijacking is to quickly apply the patches.