A new security vulnerability has been detected on Dell computers that can be remotely compromised. The culprit in this case is the pre-installed Dell SupportAssist application, which presents a security vulnerability for laptops and PCs for remote attack. This error allows an attacker to execute code with administrator privileges on DELL devices that are running an older version of that tool.
Please note that Dell issued a security patch on April 23, so if you update the Dell SupportAssist application, you will not be at risk. However, tools of this type are often abandoned in computers without being updated by the user, so there are thousands of computers that are potentially vulnerable to these attacks.
The number of users affected by this issue is estimated to be extremely high, since it is an application pre-installed on almost all Dell laptops and PCs. However, if you purchased a Dell or a computer previously installed by the company without an operating system, you will not be affected. If your application is installed and you have not updated it, you may be at risk.
The attack uses a trick to lure users to a malicious Web page with a JavaScript code capable of fooling the Dell SupportAssist application. This code can cause Dell SupportAssist to download and execute the files from a location controlled by the attacker itself. The application works as an administrator, so the attacker will have all the permissions necessary to hack the computer. Demirkapi presented details of this on this site.
0 Comments