Skip to main content
  1. Home
  2. Web
  3. News

Another vulnerability found in Dell’s security bloatware, users must update ASAP

Georgina Torbet
By
Dell Latitude 7400 2-in-1 review
Mark Coppock/Digital Trends

It’s been a rough week for security issues at Dell. A serious security vulnerability in the company’s SupportAssist software was disclosed by cybersecurity firm SafeBreach, and revealed to effect not only Dell machines but also other OEMs which used the rebranded software on their computers. Dell swiftly released a patch for the vulnerability, which they reminded users about in a security advisory on Thursday. Most users have already been upgraded to the latest version of the software, but if you have a Dell machine you should check that you have the update straight away.

The SupportAssist software is designed to protect machines from malware, but this isn’t the first time the software itself has been revealed to have a vulnerability. Back in April, security research Bill Demirkapi found a vulnerability which allowed Remote Code Execution through the security software. The feature was supposed to allow drivers to be updated through Dell’s website, but it exposed users to security threats which could have allowed attackers to find sensitive information and to execute their own code on people’s machines.

Recommended Videos

This first vulnerability was patched quickly as well, but it is not clear how many people could have been affected. The problem is that SupportAssist uses administrative rights by default, so if the software is compromised it can be used to gain access to much of an affected PC. The latest attack has the same issue, allowing attackers administrative privileges.

Related

As SafeBreach describes, the SupportAssist program was targeted precisely because it has access to many key hardware systems. “In our initial exploration, we targeted the ‘Dell Hardware Support’ service based on the assumption such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation,” the company explained in its blog post.

SupportAssist comes pre-installed on many Dell laptops, making it typical bloatware which most users simply ignore when they get a new machine. And other OEMs use the same software under the name PC-Doctor Toolbox as well. When a security vulnerability is discovered, users might not think they need to update software they never use, but merely having it on a machine can make it vulnerable.

Dell users should make sure they have automatic updating turned on and update their systems immediately, or download and install the latest version of SupportAssist from Dell’s website.

Editors' Recommendations

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
How to enable picture-in-picture for YouTube on your Mac
Macbook Air

If you want to have a bit of music playing in the background or want to have your favorite YouTube video running in the corner of your screen, then the picture-in-picture YouTube feature needs to be on your radar. This allows you to turn your YouTube videos into a tiny pop-up window that can be moved and repositioned around your screen.

Mac users have several ways to activate the feature, including support on both Safari and Google Chrome. There's also a nifty Chrome extension that simplifies the task to a single button press. Here's a look at how to enable picture-in-picture for YouTube on your Mac.

Read more
How to change your Gmail password
pilot testing drivers licenses internet rolls two us states password

Changing your Gmail password is incredibly important for your online security. If you're anything like the average user, your Gmail account is linked to dozens of other organizations and programs – and if your account gets hacked, there's no telling what sort of damage can be done.

Because of this, it's crucial to change your Gmail password at regular intervals. Google makes this a rather painless process, and it should take no more than a few seconds from start to finish.

Read more
Best Buy deals: Save on laptops, TVs, appliances, and more
best buy shuts down insignia line smart home products store 2 768x768

Best Buy is always a great retailer to turn to if you’re looking for some savings. There are almost always Best Buy deals taking place on TVs, appliances, and devices we use to navigate the digital world. In fact, right now at Best Buy you can find some of the best TV deals, best laptop deals, and best phone deals that can be shopped, and we haven’t even mentioned the deals on tablets and home audio equipment currently taking place at Best Buy. We’ve rounded up all of the best Best Buy deals you can shop right now and categorized them for your convenience below, so read onward for some great opportunities to save.
Best Buy TV deals

There may be no better place to purchase one of the best TVs than Best Buy. There is almost always some huge savings to find on TVs at Best Buy, and that’s certainly the case right now. You’ll find deals top TV brands like Sony, Samsung, and LG, and more budget-friendly brands like TCL and Hisense are in play, too.

Read more