Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

Photo: Justin Sullivan / Getty

If you own a Dell, now would be a good time to update your system. Even if your PC wasn’t manufactured by Dell, it’s possible that a new vulnerability affecting millions could apply to you.

Researchers at SafeBreach Labs on Monday disclosed a high-severity flaw in Dell’s SupportAssist utility that could allow attackers to inject malicious code onto your business or home PC, eventually gaining full control of the system through privilege escalation.


The vulnerability, which allows attackers to replace harmless DLL files loaded during diagnostic scans with ones bearing a malicious payload, was initially reported on April 29. Dell confirmed the bug a month later and a fix was rolled out late last month.

SafeBreach Labs said it targeted SupportAssist, software that comes pre-installed on most Dell PCs and is designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.”

What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload.
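
A defender can check for the same condition on their own machines. The following PowerShell sketch is an added example, not code from this article or from the SafeBreach Labs report: it lists directories where broad, non-administrative groups are allowed to create files. It assumes the machine-wide PATH as the default set of directories to audit, uses a hypothetical function name, and looks only at allow entries (deny entries are not evaluated).

```powershell
# Added example: flag directories that a standard user could drop a DLL into.
# Well-known SIDs for broad, non-administrative groups (locale-independent).
$LowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

function Find-UserWritableDirectory {   # hypothetical name, not a built-in cmdlet
    param(
        # Assumption: audit the machine-wide PATH by default; pass -Path to check
        # the directories a specific privileged service loads libraries from.
        [string[]]$Path = ([Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';')
    )
    # Creating or appending files in a directory is enough to plant a new file.
    $mask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData'
    $inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

    foreach ($entry in ($Path | Where-Object { $_ } | Select-Object -Unique)) {
        $dir = [Environment]::ExpandEnvironmentVariables($entry.Trim())
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            # A search-path entry that does not exist deserves review as well.
            [pscustomobject]@{ Directory = $dir; Principal = $null; Rights = 'directory missing' }
            continue
        }
        $acl   = Get-Acl -LiteralPath $dir
        # Ask for SIDs instead of names so the check works on any display language.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -ne 'Allow') { continue }
            if (-not $LowPrivSids.ContainsKey($sid)) { continue }
            # Inherit-only entries apply to children, not to the directory itself.
            if ($rule.PropagationFlags -band $inheritOnly) { continue }
            if (([int]$rule.FileSystemRights -band $mask) -ne 0) {
                [pscustomobject]@{
                    Directory = $dir
                    Principal = $LowPrivSids[$sid]
                    Rights    = $rule.FileSystemRights
                }
            }
        }
    }
}

Find-UserWritableDirectory | Format-Table -AutoSize
```

Any directory this reports should have its permissions tightened or be removed from the list of locations that privileged software loads code from.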


There are concerns the flaw may affect non-Dell PCs, as well.

The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool.


The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do their job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here).

You can read a full version of the SafeBreach Labs report here.


About the author

Dell Cameron

Privacy, security, tech policy | Got a tip? Email: dell@gizmodo.com | Send me encrypted texts using Signal: (202)556-0846

PGP Fingerprint: A70D 517E FB9A 02C9 C56E 86D5 877E 64E7 10DF A8AE
OTR Fingerprint: 2374A8EA 6D2B7712 0D82D659 C0FE8253 A3F080FD