(Opens in a new window) and desktop computer it sells to consumers. That could mean millions of potentially affected systems.
The attack relies on tricking a user into visiting a particular website configured by the perpetrator. There, custom JavaScript fools the Dell software into running files of the attacker's choosing. Someone could use this to steal data, install ransomware, or add the computer to a botnet. You can see a demo of the vulnerability in the video below.
There is at least a shred of good news. Your system is only vulnerable if the attacker is on the same local network where they can use ARP Spoofing. That's not exactly an insurmountable task. Public Wi-Fi networks are a prime target, as are large corporate networks where someone can quietly plug in and launch an attack. A remote attacker may also be able to fool the SupportAssist tool by compromising a user's router.
Dell issued the patch on April 23, but many users are probably conditioned to ignore popups and alerts from Dell's bundled software -- it's usually not important. This is one of those times when you really need to update, though.
To its credit, Dell responded to the report by Demirkapi and took quick action to patch the vulnerability. SupportAssist v3.2.0.90 is available as a direct download(Opens in a new window) on Dell's site as well as a push installation via the company's bundled software.
Now read:
