Dell Patches Vulnerability in Pre-installed SupportAssist Utility

Discussion in 'other security issues & news' started by ronjor, May 21, 2018.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    162,650
    Location:
    Texas
    By Ionut Arghire on May 21, 2018
     
  2. guest

    guest Guest

    Dell laptops and computers vulnerable to remote hijacks
    Another security flaw in a vendor's bloatware apps puts users at risk
    May 1, 2019

    https://www.zdnet.com/article/dell-...vulnerable-to-remote-hijacks/#ftag=RSSbaffb68
     
  3. guest

    guest Guest

    Dell quietly patched a security vulnerability that affected millions of users
    June 20, 2019
    https://www.cyberscoop.com/dell-supportassist-patch-security-vulnerability-microsoft-windows/
     
  4. guest

    guest Guest

    Dell SupportAssist Bug Exposes Business, Home PCs to Attacks
    February 10, 2020
    https://www.bleepingcomputer.com/ne...ist-bug-exposes-business-home-pcs-to-attacks/
     
  5. guest

    guest Guest

    Dell SupportAssist bugs put over 30 million PCs at risk
    June 24, 2021
    https://www.bleepingcomputer.com/ne...tassist-bugs-put-over-30-million-pcs-at-risk/
     
  6. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I would prefer to uninstall that add-on in my own DELL if possible. IMO they hardly need to monitor things like their own Bios + Security protocols on top or under what Windows is already doing with the 10 model. Plus would shed a few extra services running as well.
     
  7. catspyjamas

    catspyjamas Registered Member

    Joined:
    Jul 1, 2011
    Posts:
    288
    Location:
    New Zealand
    Ugh, so I have an affected machine - my new Dell XPS 9700. What the Dell advisory fails to make clear, is whether the remediating BIOS updates simply prevent you from falling victim to this MTM attack if you haven't already, or, if it also protects users whose machines have already fallen victim and have the exploit on the system just waiting to be triggered (as a result of past BIOS updates with Support Assist or OS recovery back ups made by BIOSConnect). It also fails to provide you with know way of knowing if you've already fallen victim.

    Against my better judgement I updated the BIOS about a week ago using the Dell Update app (which from what I can gather, also uses BIOSConnect like the Support Assist app). I usually update the BIOS on my machines by downloading the executable directly from the drivers page on the manufacturers website (less chance of the update going pear shaped doing it that way). If I'd known this method was a security risk I would never have used the app. I'm not sure why I ignored that small voice and went ahead.

    Also, SupportAssist notified me before I'd installed the remediating BIOS that it had made a recovery back up of my system. I didn't ask it to, and couldn't see a setting in Support Assist to turn that off after the event. This would have used BIOSConnect too. So there have been two ways I could have already fallen victim to this, in the space of a week of owning the laptop. Awesome. The article doesn't make it clear if it's in the wild and machines have already been compromised.
     
    Last edited: Jun 24, 2021
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.