Skip to main content

Another vulnerability found in Dell’s security bloatware, users must update ASAP

Dell Latitude 7400 2-in-1 review
Mark Coppock/Digital Trends

It’s been a rough week for security issues at Dell. A serious security vulnerability in the company’s SupportAssist software was disclosed by cybersecurity firm SafeBreach, and revealed to effect not only Dell machines but also other OEMs which used the rebranded software on their computers. Dell swiftly released a patch for the vulnerability, which they reminded users about in a security advisory on Thursday. Most users have already been upgraded to the latest version of the software, but if you have a Dell machine you should check that you have the update straight away.

The SupportAssist software is designed to protect machines from malware, but this isn’t the first time the software itself has been revealed to have a vulnerability. Back in April, security research Bill Demirkapi found a vulnerability which allowed Remote Code Execution through the security software. The feature was supposed to allow drivers to be updated through Dell’s website, but it exposed users to security threats which could have allowed attackers to find sensitive information and to execute their own code on people’s machines.

Recommended Videos

This first vulnerability was patched quickly as well, but it is not clear how many people could have been affected. The problem is that SupportAssist uses administrative rights by default, so if the software is compromised it can be used to gain access to much of an affected PC. The latest attack has the same issue, allowing attackers administrative privileges.

Please enable Javascript to view this content

As SafeBreach describes, the SupportAssist program was targeted precisely because it has access to many key hardware systems. “In our initial exploration, we targeted the ‘Dell Hardware Support’ service based on the assumption such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation,” the company explained in its blog post.

SupportAssist comes pre-installed on many Dell laptops, making it typical bloatware which most users simply ignore when they get a new machine. And other OEMs use the same software under the name PC-Doctor Toolbox as well. When a security vulnerability is discovered, users might not think they need to update software they never use, but merely having it on a machine can make it vulnerable.

Dell users should make sure they have automatic updating turned on and update their systems immediately, or download and install the latest version of SupportAssist from Dell’s website.

Georgina Torbet
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
PayPal vs. Venmo vs. Cash App vs. Apple Cash: which app should you use?
PayPal, Venmo, Cash App, and Apple Wallet apps on an iPhone.

We’re getting closer every day to an entirely cashless society. While some folks may still carry around a few bucks for emergencies, electronic payments are accepted nearly everywhere, and as mobile wallets expand, even traditional credit and debit cards are starting to fall by the wayside.

That means many of us are past the days of tossing a few bills onto the table to pay our share of a restaurant tab or slipping our pal a couple of bucks to help them out. Now, even those things are more easily doable from our smartphones than our physical wallets.

Read more
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content --- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more