If you own a Dell computer, you could be vulnerable to security threats from one of its pre-installed applications. While the company once dubbed their “SupportAssist” application as “the industry’s first automated proactive and predictive support technology,” it was soon discovered to have a significant security flaw.
Starting in October, the app has given cybercriminals the ability to hack into new Dell computers running Windows. According to Bill Demirkapi, a 17-year-old security researcher, Dell’s support technology was susceptible to remote code execution attacks.
Basically, the app gave hackers the ability to install malware (malicious software) on most new Dell computers. This could help hackers steal private information, such as bank details, or even take control of your computer.
Dell SupportAssist Vulnerability – Users Are Open to Hacks
The SupportAssist tool is the primary remote support tool offered by Dell to its laptop users. It is designed to perform necessary maintenance tasks, such as diagnostics, driver updates, and debugging your computer.
However, Demirkapi identified vulnerabilities with this particular tool. He cited that the SupportAssist is vulnerable to remote code execution attacks, which are some of the most severe types of flaws in a computer system.
Once in your computer, a hacker can install whatever they want on your computer without your knowledge. And, since the app was pre-installed on all Dell laptops and desktops, there are potentially millions of computer users that have been affected by this particular flaw.
How Does the Attack Happen?
The app was made to proactively detect any hardware or software issues and install updates and drivers automatically.
While this may be convenient, it can become problematic if those updates got hijacked. Hackers can use the app to further breach a computer by installing something nasty on a user’s computer without knowing it.
While Dell implemented security measures in the app to prevent users from downloading any illegitimate or malicious software, hackers had several ways to bypass these “integrity checks.”
Demirkapi showed how hackers could intercept requests from the SupportAssist and redirect the user to download a file from a URL and run it.
The security flaw is particularly nasty, considering that Dell’s SupportAssist has access to Windows on an administrator level. It practically holds the key to anything and everything vital to a computer system.
There is some reason to feel relieved, though since a Dell computer is only vulnerable if a hacker shares the same local network as the user. So it is best to steer clear of public Wi-Fi networks at the local coffee shop if you own a Dell.
Large corporate networks were also a potential target. It only takes one end user to plug in and start hacking. With more computers linked to the system, a hacker will have access to more computers.
Cybercriminal can also compromise someone’s router by fooling the SupportAssist tool.
How to Fix Dell SupportAssist
Since the security threat was made known, Dell has issued patches to correct flaws with the SupportAssist tool. The company was quick to respond to Demirkapi’s report.
The company released a patch on April 23. The SupportAssist v18.104.22.168 is now available for download from the company’s official website.
Users can also update the app via the popups and alerts from Dell. Unfortunately, many users tend to ignore such popups, resulting in potential security threats.
So if you own a Dell, the best thing you can do is update your bundled software to protect your system. It is also a good idea to stay away from open WiFi networks, such as those found in coffee shops and internet cafes.