It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Dell PCs ship with DLL hijacking bug Dell PCs ship with DLL hijacking bug
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Dell PCs ship with DLL hijacking bug
Reply
 
Thread Tools
Old 25th June 2019, 08:33   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 153,575
Stefan Mileschin Freshly Registered
Default Dell PCs ship with DLL hijacking bug

You will have a fishy on a little dishy, when the bloat comes in

Millions of PCs made by Dell and other OEMs are vulnerable to a flaw stemming from a component in pre-installed SupportAssist software which enables a remote attacker to completely take over affected devices.

The high-severity vulnerability (CVE-2019-12280) stems from a component in SupportAssist, a proactive monitoring software pre-installed on PCs with automatic failure detection and notifications for Dell devices. That component is made by a company called PC-Doctor, which develops hardware-diagnostic software for various PC and laptop original equipment manufacturers (OEMs).

Peleg Hadar, security researcher with SafeBreach Labs, who discovered the breach, said that SupportAssist is preinstalled on most of Dell devices running Windows, which means that as long as the software is not patched, this vulnerability probably affects many Dell users.

A patch has been released by PC-Doctor.

Dell sought to downplay the flaw, telling users to switch on automatic updates or manually update their SupportAssist software. Because most customers have automatic updates enabled, around 90 percent of customers to date have received the patch, said a Dell spokesperson.

SupportAssist, checks the health of system hardware and software and requires high permissions. The vulnerable PC-Doctor component is a signed driver installed in SupportAssist. This allows SupportAssist to access the hardware (such as physical memory or PCI).

https://fudzilla.com/news/48929-dell...-hijacking-bug
Stefan Mileschin is online now   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
US charges nine people over $2.4 million SIM hijacking ring Stefan Mileschin WebNews 0 13th May 2019 09:48
Dell's pre-installed software left PCs open to hijacking Stefan Mileschin WebNews 0 5th May 2019 05:13
Man pleads guilty to hijacking Apple IDs of rappers and sports stars Stefan Mileschin WebNews 0 1st April 2019 10:29
Chrome may stop websites from hijacking your browser's back button Stefan Mileschin WebNews 0 20th December 2018 09:10
Android P will prevent apps from quietly hijacking your camera Stefan Mileschin WebNews 0 26th February 2018 06:31
Blizzard games were vulnerable to a remote hijacking exploit Stefan Mileschin WebNews 0 24th January 2018 19:23
Opera update keeps sites from hijacking your browser to mine bitcoin Stefan Mileschin WebNews 0 5th January 2018 06:30
Dell to ship XPS 13 with Ubuntu Linux in some areas Stefan Mileschin WebNews 0 20th July 2012 08:10
Server Clash: DELL's Quad Opteron DELL R815 vs HP's DL380 G7 and SGI's Altix UV10 jmke WebNews 0 9th September 2010 17:01
Dell to ship its first Blu-ray at Christmas jmke WebNews 0 30th March 2006 14:20

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 09:05.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO