A new vulnerability has been discovered in Dell computers that have left millions of systems at risk of a privilege-escalation attack. Dell has released a security advisory warning for all of its consumers to update their laptops and PCs to patch the said vulnerability. The flaw was once agani found in the SupportAssist tool that is bundled with every Dell computer, and this vulnerability was first spotted by SafeBreach. The CVE-2019-12280 vulnerability exists in SupportAssist app for business v2.0 and home PCs v 3.2.1 and prior.
As mentioned, SafeBreach was the one that discovered the flaw and reported this vulnerability. It allows hackers to take over the machine and read the physical memory stored onboard. The problem lies in the SupportAssist tool that is bundled with nearly every Dell computer. The vulnerability lies in the PC-Doctor component. SafeBreach warns that it is possible to "exploit this vulnerability in order to load an arbitrary unsigned DLL into a service that runs as SYSTEM, achieving privilege escalation and persistence". The firm notes that there could well be over 100 million Dell systems that may be affected. Notably, this is the second major vulnerability in the SupportAssist tool found in 2019, with another reported in March.
Dell has already issued an update and "recommends all customers to update at the earliest opportunity." If auto-update is enabled, then the company should have already updated SupportAssist for Business PCs and SupportAssist for Home PCs automatically. However, a whole step-by-step guide can also be found on its security advisory page.
The company further told Tom's Guide, “Dell SupportAssist is not made by PC-Doctor. The vulnerability discovered by SafeBreach is a PC-Doctor vulnerability, which is a third-party component that ships with Dell SupportAssist for PCs. More than 90 percent of customers to date have received the update, released on May 28, 2019, and are no longer at risk. Dell SupportAssist updates automatically if automatic updates are enabled, and most customers have automatic updates turned on.”
All Dell PC and laptop users are advised to check if they are updated to the latest version of SupportAssist. You need to be on Dell SupportAssist for Business PCs version 2.0.1 or Dell SupportAssist for Home PCs version 3.2.2 to ensure that you are safe from any unwanted attacks.