If
you have a Dell laptop, this is a good time to update your system. Even if
your computer is not manufactured by Dell, it is possible that a new
vulnerability will affect you.
The existence of a serious security breach has
been unveiled in Dell PCs by Researchers at SafeBreach Labs. The breach would allow hackers to easily
access sensitive information on your computer without your knowledge. To
protect yourself and avoid being hacked install the latest update available
without delay.
Dell
released a security advisory regarding the CVE-2019-12280 vulnerability
identified in the SupportAssist application, designed by PC Doctor. As the IT
giant explains on it's website, it is an "
application that proactively checks the status of hardware and software
in your system. " If there is a problem, the program sends Dell the
necessary status information to start troubleshooting. SupportAssist is installed by default on all devices
of Dell brand.
The
flaw concerns both the version of SupportAssist installed on professional
computers (version 2.0) and domestic versions (versions 3.2.1 and earlier), ie
millions of PCs in circulation, explains Dell. According to a report by
SafeBreach, the firm specialized in cybersecurity, the flaw could allow an
attacker to take control of a remote computer to siphon data contained on it.
There
are some concerns that this failure could affect PCs made by other companies.
SupportAssist
is a renamed version of the Windows hardware diagnostic tool called PC-Doctor
Toolbox. This product has also been renamed to: Corsair ONE Diagnostics,
Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic
Tool and Tobii Dynavox Diagnostic Tool.
The most
effective way to prevent your DLLs from being hijacked is to install patches.
To fix this bug, allow automatic updates or download the latest version of Dell
SupportAssist for Corporate PCs ( x86 or x64 ) or home PCs. For now, it is
unclear if the flaw has already been exploited by pirates.
