BlogSpotTipsBlogSpotTips
  • Home
  • Education
  • Finance
  • Latest Internet News
    • Social Media
    • Software
  • Game
  • Contact Us !
Facebook Twitter Instagram
BlogSpotTipsBlogSpotTips
  • Home
  • Education
  • Finance
  • Latest Internet News
    • Social Media
    • Software
  • Game
  • Contact Us !
Facebook Twitter Instagram
BlogSpotTipsBlogSpotTips
Home»Software»Dell software designed to protect you from vulnerabilities has another vulnerability
Software

Dell software designed to protect you from vulnerabilities has another vulnerability

Loknath DasBy Loknath DasJune 22, 2019Updated:June 22, 2019No Comments2 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest Email

Dell’s SupportAssist software, a Windows toolkit designed in part to protect your computer from security vulnerabilities, has yet another vulnerability of its own that makes running older versions of the software a risk to your system. As noted by Gizmodo this morning, this new vulnerability was discovered by security researchers at SafeBreach and disclosed on Monday in a public blog post. Dell has now issued an update to patch it that you should download now.

A serious concern here is that this vulnerability doesn’t just affect Dell machines with SupportAssist, as was the case with an entirely separate SupportAssist vulnerability from two months ago. This time, it can affect other laptop manufacturers that are also, like Dell, using rebranded versions of the same Windows package, which includes a component known as PC-Doctor Toolbox. Other companies known to make use of this same component in software packages include gaming brand Corsair, office supplies chain Staples, and eye-tracking company Tobii.

SUPPORTASSIST KEEPS HAVING SECURITY ISSUES

Because Dell’s SupportAssist has admin-level access to your Windows machine and can automatically install updates, a third party could exploit this vulnerability to install malicious code hiding within what are known as dynamic link library files, or DLL files. “According to Dell’s website, SupportAssist is preinstalled on most of Dell devices running Windows. This means that as long as the software is not patched, the vulnerability affects millions of Dell PC users,” explains SafeBreach researcher Peleg Hadar.

He says there are two key ways this could be exploited by a hacker. The first is it could give “attackers the ability to load and execute malicious payloads by a signed service.” The second is the attacker could bypass Driver Signature Enforcement to gain access to read/write permissions. Both would give a third party considerable control over your machine in worst-case scenarios.

While these are rare cases, it’s not comforting to know that preloaded bloatware on your Windows machine keeps running into severe issues like this.

[“source=theverge”]

Another Dell designed from has protect software to vulnerabilities vulnerability you
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Loknath Das

Related Posts

Why asking, “How are you feeling today?” is so important for managers leading through change

July 28, 2022

Realme Pad Mini launched in India with 8.7-inch display, price starts at Rs 10,999

May 27, 2022

Telenor Quits Myanmar With $105-Million Sale to Lebanon’s M1 Group

May 25, 2022
Recent Post
  • Why asking, “How are you feeling today?” is so important for managers leading through change
  • SEPTEMBER 4TH GOOGLE UPDATE REPORTS ABOUT A MAJOR UPDATE
  • Writing an Article vs. Writing a Blog Post: What’s the Difference?
  • Microsoft 365 Business Premium is the Best Plan for Most Businesses
  • Stocks making the biggest moves midday: Shopify, Etsy, Twitter and more
  • Stocks making the biggest moves premarket: Dick’s Sporting, Express, Wendy’s and more
  • Stellantis CEO warns of electric vehicle battery shortage, followed by lack of raw materials
  • Realme Pad Mini launched in India with 8.7-inch display, price starts at Rs 10,999
Search
  • Home
  • Privacy Policy
  • Contact Us !
© 2023 BlogSpotTips. Designed by BlogSpotTips.

Type above and press Enter to search. Press Esc to cancel.