Smartphones like PCs are mostly delivered with bloatwares, these applications pre-installed by manufacturers and which often have a high level of privilege. This is the case for the SupportAssist utility that is installed by default on Dell PCs. A security researcher named Bill Demirkapi discovered that this tool contained a vulnerability that allows hackers to install malware remotely.
Dell: a security vulnerability discovered in the SupportAssist tool of its computers
The SupportAssist utility has administrator privileges on Windows and is designed for debugging, diagnosing, and automatically updating Dell drivers. Bill Demirkapi discovered that it was possible to hijack this tool via JavaScript to download and execute files from an attacker-controlled location. This makes it possible to compromise the security of Dell PCs in various ways by installing remote malware.
For the attack to work, it is nevertheless necessary that the hacker and his target are connected to the same network, that of a public WiFi for example, as explained by the researcher. "The attacker must be on the same network as his victim to be able to launch an ARP or DNS spoofing attack in order to execute his code remotely," Demirkapi told ZDnet.
Dell released a fix for this security vulnerability on April 23rd. However, many users may still be exposed unless you have installed the latest version of the SupportAssist utility available at this address. The other option is to uninstall the tool, which is not recommended.
