Millions of devices vulnerable because of a pre-installed software issue

 

Due to a component in SupportAssist software, millions of PCs could be hijacked remotely. The issue affects Dell and other original equipment manufacturers (OEMs).

SupportAssist comes pre-installed on Dell PCs.

This is considered a high-severity vulnerability and stems from a component in SupportAssist, which is a monitoring software that is used to automatically detect failure issues and notifications for Dell devices.

The SupportAssist component is made by the PC-Doctor company. They develop hardware diagnostic software for various PC and laptop OEMs.

Peleg Hadar, the security researcher with SafeBreach Labs who discovered the breach issued a statement, “According to Dell’s website, SupportAssist is preinstalled on most of [the] Dell devices running Windows, which means that as long as the software is not patched, this vulnerability probably affects many Dell users.”

Thankfully, PC-Doctor released a patch that fixes impacted devices which is available on Dell’s website.

Dell also released a statement to Threatpost urging customers to turn on automatic updates, stating that around 90 percent of customers to date have received the patch.

If you have a Dell system, you should update your computer as soon as possible to protect against this potential exploit.

As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648