Dell he said on June 21 that a critical update was released for the software Dell SupportAssist – which Dell probably has computer if you did not immediately remove the pre-installed rubbish.
Specifically, in SupportAssist's PC-Doctor, there is a vulnerability in the way it checks (or does not check) the validity of certain DLLs on your computer.
If someone is able to pass a malicious DLL on your machine, to a specific location and to a specific file name, PC-Doctor runs it with system-wide privileges.
According to the company, Dell SupportAssist for Business PC in 2.0.1 and Dell SupportAssist for Home PC in 3.2.2 are the builds you need to install immediately to protect your computers.
The company has this specific troubleshooter with every new desktop - laptop and tablet.
The company security SafeBreach Labs was the first to discover the bug, and initially reported to Dell that SupportAssist could run DLLs at the SYSTEM level.
This means that if a malicious application leaves its own .dll file somewhere on the disk, it only has to wait for it to "meet" with SupportAssist.
Of course, if you have a Dell computer and you have not updated your system, you should do so immediately.
“We can assume that all Dell computers running the functional Windows system without changes from the manufacturer are vulnerable,” says SafeBreach Labs.
But the most worrying thing is that the security company believes that not only Dell has software with this flaw.
The reason for this is that the vulnerability is in a third-party component of it software Dell SupportAssist, which is developed and maintained by PC Doctor, a support and diagnostics application company:
PC Doctor sells its software to computer manufacturers that then integrate it into their products, such as SupportAssist in the case of Dell.
You may remember that the same software Dell SupportAssist had another security gap in May of 2019.
Of course, from iGuRu.gr, we have repeatedly mentioned that you do not have to continue using such crapware, so an alternative to updating is the uninstall of the application.
________________
- YTS new .LT Domain, visible in Greece without DNS change
- Facebook Libra: Three questions for Facebook
- Florida paid 600.000 ransom dollars to ransomware