Web

Another vulnerability found in Dell’s security bloatware, users must update ASAP

Dell Latitude 7400 2-in-1 review
Mark Coppock/Digital Trends

It’s been a rough week for security issues at Dell. A serious security vulnerability in the company’s SupportAssist software was disclosed by cybersecurity firm SafeBreach, and revealed to effect not only Dell machines but also other OEMs which used the rebranded software on their computers. Dell swiftly released a patch for the vulnerability, which they reminded users about in a security advisory on Thursday. Most users have already been upgraded to the latest version of the software, but if you have a Dell machine you should check that you have the update straight away.

The SupportAssist software is designed to protect machines from malware, but this isn’t the first time the software itself has been revealed to have a vulnerability. Back in April, security research Bill Demirkapi found a vulnerability which allowed Remote Code Execution through the security software. The feature was supposed to allow drivers to be updated through Dell’s website, but it exposed users to security threats which could have allowed attackers to find sensitive information and to execute their own code on people’s machines.

This first vulnerability was patched quickly as well, but it is not clear how many people could have been affected. The problem is that SupportAssist uses administrative rights by default, so if the software is compromised it can be used to gain access to much of an affected PC. The latest attack has the same issue, allowing attackers administrative privileges.

As SafeBreach describes, the SupportAssist program was targeted precisely because it has access to many key hardware systems. “In our initial exploration, we targeted the ‘Dell Hardware Support’ service based on the assumption such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation,” the company explained in its blog post.

SupportAssist comes pre-installed on many Dell laptops, making it typical bloatware which most users simply ignore when they get a new machine. And other OEMs use the same software under the name PC-Doctor Toolbox as well. When a security vulnerability is discovered, users might not think they need to update software they never use, but merely having it on a machine can make it vulnerable.

Dell users should make sure they have automatic updating turned on and update their systems immediately, or download and install the latest version of SupportAssist from Dell’s website.

Mobile

Forget work and find Google’s hidden, fun, time-wasting Wimbledon tennis game

Google has hidden a fun game based around the Wimbledon tennis tournament in its Search engine, ready for those looking to take a short (or not so short) break from what you should really be doing. Work, probably.
Deals

The Nvidia GTX 1060-powered Dell G5 gaming laptop is $320 off

Prime Day is wrapping up, but a few other sales are still going strong for a little while. This gives you more time to jump on post-Prime Day deals like this Dell G5 15, a midrange gaming laptop that’s now on sale for an entry-level…
Deals

Alienware m15 headlines Dell’s gaming PC sale to take on Amazon’s Prime Day

If you're looking to save some money on a new gaming PC or laptop, you may want to skip Amazon's Prime Day for Dell's Cyber Monday in July event. As part of the sale, you can score up to $710 in savings on the Alienware m15.
Computing

Here's everything you need to know about buying your next laptop

In this laptop buying guide we'll explain exactly what all of the current offerings are all about and why you need them (or don't). Broken down by cost, operating system and features, this guide will help you get what you need.
Deals

Dell rivals Amazon Prime Day with XPS and Alienware gaming desktop deals

If you’re after a new work or gaming desktop PC that won't break the bank, Dell’s Black Friday in July sale has you covered: We’ve rounded up a few of the top deals from the event, all of which pack the latest hardware and great…
Small Business

The 15 best tech jobs boast top salaries, high satisfaction, lots of openings

June may be ending, but the bonanza of tech jobs just keeps coming. High-paying jobs abound at companies where people love to work. If you’re ready to make a change, this is a great time to look for something more fulfilling.   
Social Media

YouTube offers creators more ways to boost their bank accounts

Whether you're a top YouTube creator or just breaking into the game, the video-streaming site has some new features designed to help you please your fans and increase your bank balance.
Movies & TV

20 Netflix hacks, tips, and tricks to make your streaming experience better

Netflix's tried-and-true formula hardly begs for improvement, but you can get even more out of your subscription with these 20 Netflix tips and tricks, sure to improve your online streaming experience.
News

All of these services let you own your content, so you’ll never lose it

With the closure of Microsoft's ebook store, consumers have begun to wonder exactly how much of their digital media they actually own, and how much is licensed. For the average person, the news isn't great.
Computing

Need to block ads and trackers? Browse our list of the best browsers for privacy

Whether your privacy concerns are focused on controlling cookies or blocking ads and malware, you're sure to find the best browser for your security needs among our picks for the best browsers for privacy.
News

A new phishing scam targets Amazon users just in time for Prime Day

Security researchers at McAfee say that hackers have released a do-it-yourself kit that allows people to easily put together phishing scams targeting Amazon users -- just in time for Prime Day.
Emerging Tech

Stay up to date on Tropical Storm Barry's path with these apps and websites

Looking to track Tropical Storm Barry as it makes landfall and heads into the southeastern U.S.? We've assembled a list of the best hurricane tracking apps and websites to stay ahead of the storm, and out of harm's way.
Movies & TV

Tired of Netflix? Here's where to find free movies online, legally

We've spent countless hours digging around the web to find the best sites for streaming free movies online. Not only are all of these sites completely free to use, they're also completely legal and trustworthy.
Social Media

Twitter’s mobile-inspired dark mode desktop makeover isn’t just about looks

Twitter.com may have a new look, but it's one that already feels familiar. The new design for Twitter's desktop version borrows heavily from the platform's mobile apps, with a sleeker look, a new dark mode, and easier navigation.