Serviceteam IT Security News
Dell has released a security alert letting customers know that they should update SupportAssist for both business and home PCs.

The vulnerability was discovered by SafeBreach security researcher Peleg Hadar, who wrote that the OEM software vulnerability puts multiple laptops at risk.

PC-Doctor, which makes and maintains the software-repair tool, wrote that it had recently learned of the vulnerability, adding, “In our opinion, it would be very rare for one to have both permissions and the ability to exploit this vulnerability.

“To exploit this vulnerability, an administrative user or process would have to change the system’s PATH environment variable to include a folder writable by non-admin users, and craft a DLL that exploits PC-Doctor’s administrative privileges. It is not possible to exploit this vulnerability without modifying default Windows settings.”

“According to Dell’s website, SupportAssist is preinstalled on most of Dell devices running Windows. This means that as long as the software is not patched, the vulnerability affects millions of Dell PC users,” Hadar wrote.

The vulnerability in SupportAssist was originally reported on April 29, 2019. “In our initial exploration, we targeted the ‘Dell Hardware Support’ service based on the assumption [that] such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation,” Hadar said.

If exploited, the vulnerability could allow attackers to have malicious payloads loaded and executed by a signed service, an ability that could also be abused for execution and evasion.

On May 28, the fixes provided by PC-Doctor for the affected versions of SupportAssist were released by Dell.

Noting that the PC-Doctor CVE-2019-12280 vulnerability received a high severity rating, Dell’s security advisory said, “The PC Doctor component in Dell SupportAssist for Business Systems and Dell SupportAssist for Home PCs has been updated. The vulnerability affects the Dell SupportAssist for Business PCs version 2.0.1 and Dell SupportAssist for Home PCs version 3.2.2.”

Source: Infosecurity Magazine
