Dell laptops and computers vulnerable to remote hijacks: Another security flaw in a vendor's bloatware apps puts users at risk (May 1, 2019) https://www.zdnet.com/article/dell-...vulnerable-to-remote-hijacks/#ftag=RSSbaffb68
Dell quietly patched a security vulnerability that affected millions of users (June 20, 2019) https://www.cyberscoop.com/dell-supportassist-patch-security-vulnerability-microsoft-windows/
Dell SupportAssist Bug Exposes Business, Home PCs to Attacks (February 10, 2020) https://www.bleepingcomputer.com/ne...ist-bug-exposes-business-home-pcs-to-attacks/
Dell SupportAssist bugs put over 30 million PCs at risk (June 24, 2021) https://www.bleepingcomputer.com/ne...tassist-bugs-put-over-30-million-pcs-at-risk/
I would prefer to uninstall that add-on in my own Dell if possible. IMO they hardly need to monitor things like their own BIOS + security protocols on top of or under what Windows is already doing with the 10 model. Plus it would shed a few extra running services as well.
Ugh, so I have an affected machine - my new Dell XPS 9700. What the Dell advisory fails to make clear is whether the remediating BIOS updates simply prevent you from falling victim to this MTM attack if you haven't already, or if it also protects users whose machines have already fallen victim and have the exploit on the system just waiting to be triggered (as a result of past BIOS updates with SupportAssist or OS recovery backups made by BIOSConnect). It also fails to provide you with any way of knowing if you've already fallen victim. Against my better judgement I updated the BIOS about a week ago using the Dell Update app (which, from what I can gather, also uses BIOSConnect like the SupportAssist app). I usually update the BIOS on my machines by downloading the executable directly from the drivers page on the manufacturer's website (less chance of the update going pear-shaped doing it that way). If I'd known this method was a security risk I would never have used the app. I'm not sure why I ignored that small voice and went ahead. Also, SupportAssist notified me before I'd installed the remediating BIOS that it had made a recovery backup of my system. I didn't ask it to, and couldn't see a setting in SupportAssist to turn that off after the event. This would have used BIOSConnect too. So there have been two ways I could have already fallen victim to this, in the space of a week of owning the laptop. Awesome. The article doesn't make it clear if it's in the wild and machines have already been compromised.