Millions of PCs were made vulnerable to remote takeover due to a flaw in Dell’s SupportAssist software, a software designed to protect users from susceptibilities.

According to a June 21 blog post, SafeBreach security researchers revealed the high-severity flaw (CVE-2019-12280) which comes from a component in SupportAssist, which checks the health of system hardware and software and needs high permissions.

No digital certificate authentication is made against the binary when downloading a dynamic link library (DLL) so the program doesn’t authenticate whether the DLL that it will load is signed and will load a random unsigned DLL without any hassle.

Consequently, a remote attack can exploit the vulnerability by tricking a victim into downloading a malevolent file to a specific folder. PC-Doctor has released a patch for infected devices and users are counseled to update as soon as they can.

 

Leave a Reply

Your email address will not be published. Required fields are marked *