Millions of Windows Dell PCs need patching: Give-me-admin security gremlin found lurking in bundled support tool | 6/20/2019 | Staff
Dell's troubleshooting software SupportAssist, bundled with the US tech titan's home and business computers, has a security flaw that can be exploited by malware and rogue logged-in users to gain administrator powers.

The Texan system slinger today issued an advisory warning that its PC repair tool suffers a privilege-escalation vulnerability, CVE-2019-12280, and needs patching. We're told Dell SupportAssist for Business PCs version 2.0.1 and Dell SupportAssist for Home PCs version 3.2.2 are the builds you need to fetch and install to kill off this high-severity hole.

Affected versions of the software include Dell SupportAssist for Business PCs version 2.0, and Dell SupportAssist for Home PCs version 3.2.1 and all prior releases.

The IT giant includes the Windows-based troubleshooting program with new desktops, notebooks, and tablets. Unfortunately, as eggheads at SafeBreach Labs discovered and privately reported, the software insecurely loads .dll files when run. Researcher Peleg Hadar told The Register that SupportAssist, which runs with SYSTEM-level privileges, will automatically pull in unsigned code libraries from user-controlled folders. That means malware or dodgy users can leave their own .dll files in such a path, wait for SupportAssist to blindly load them, and thus execute code within an admin context.
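The two conditions described above, a SYSTEM process searching directories that standard users can write to and loading libraries nobody has signed, are things an administrator can check for on their own fleet. The following PowerShell audit is an added example written for this page; it is not code from the article, from Dell, or from SafeBreach. It assumes an elevated PowerShell 5.1 or later session on Windows, and the process name is a placeholder you must replace with the executable you want to inspect.

```powershell
<#
Added audit example; not code from the article, from Dell or from SafeBreach.
Assumptions: Windows, PowerShell 5.1 or later, run from an elevated session so that
the module list of a SYSTEM process can be read. $ProcessName is a placeholder;
replace it with the executable name of the service you want to inspect.
#>
param(
    [string]$ProcessName = 'PLACEHOLDER_PROCESS_NAME'
)

# Principals that should never be able to write into a directory that a SYSTEM
# process searches for DLLs.
$lowPrivPrincipals = @('BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'Everyone')

# Any of these rights lets a standard user plant or replace a file in the directory.
$riskyRights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'

function Test-UserWritableDirectory {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path -PathType Container)) { return $false }
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($lowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $riskyRights) -ne 0) { return $true }
    }
    return $false
}

# 1. Machine-wide PATH entries a standard user can write to. A process that loads a
#    library by bare name can end up searching these directories.
$machinePath = [Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    ForEach-Object { $_.Trim() } | Where-Object { $_ }
$writablePathDirs = $machinePath | Where-Object { Test-UserWritableDirectory $_ }

# 2. Modules the target process has actually loaded from outside %SystemRoot%,
#    and whether each one carries a valid Authenticode signature.
$systemRoot = $env:SystemRoot
$loaded = Get-Process -Name $ProcessName -ErrorAction SilentlyContinue |
    ForEach-Object { $_.Modules } |
    Where-Object { $_.FileName -and -not $_.FileName.StartsWith($systemRoot, [System.StringComparison]::OrdinalIgnoreCase) } |
    Select-Object -Property ModuleName, FileName -Unique

$findings = foreach ($m in $loaded) {
    $sig = Get-AuthenticodeSignature -FilePath $m.FileName
    [pscustomobject]@{
        Module          = $m.ModuleName
        Path            = $m.FileName
        SignatureStatus = $sig.Status
        DirUserWritable = Test-UserWritableDirectory (Split-Path -Parent $m.FileName)
    }
}

"User-writable directories on the machine PATH:"
$writablePathDirs | ForEach-Object { "  $_" }

"Modules of '$ProcessName' loaded from outside $systemRoot that are unsigned or sit in a user-writable directory:"
$findings | Where-Object { $_.SignatureStatus -ne 'Valid' -or $_.DirUserWritable } | Format-Table -AutoSize
```

The module listing only works against a SYSTEM process when the shell is elevated, which is why the script assumes an administrator session. A non-empty first list is a fleet-wide hardening problem independent of any one product: tighten the ACL on those directories or remove them from the machine PATH. A hit in the second list is the condition the article describes and is the cue to apply the vendor's patched build rather than to hand-fix individual files.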

That would allow software nasties already on a computer, or a rogue logged-in insider, to gain complete control over a vulnerable box. It also means, say, browser exploits that can drop...
(Excerpt) Read more at: