Dell has released a blog post on Thursday told their customers to update their Dell PCs and laptops to fix a security vulnerability, which is allowing Hackers to gain full access of your computer.
CVE-2019-12280, the vulnerability was spotted in Dell’s Support Assist application for business (Ver. 2) and home PCs (Ver 3.2.1 and above).
The vulnerability in SupportAssist application allowed hackers to take full control of the machine and steal any data from the device, Cybersecurity firm SafeBreach reported this issue.
The DLL files of SupportAssists was loading insecure code libraries when the PC is starting up. Hackers tweak these DLLs to inject a malicious code that further injects in other programs as well.
SafeBreach has not made any statement whether the Dell computers were already hacked, as a big door to the hack was opened.
SupportAssists comes pre-installed in Dell PCs and Laptops. It is a software repair tool which monitors the system’s hardware and software issues, suggesting appropriate actions to take.
SupportAssist isn’t an in-house application of Dell, it is written and controlled by a tech firm called PC-Doctor, which is a US-based customer support and diagnostics firm. And currently, at least 100 million copies of PC doctor software have been preinstalled in Dell PCs and Laptops all around the world.
This is not the first time that SupportAssist software comes under the radar of potential hackers after a major security breach. Dating back in April, Dell also patched a security vulnerability to secure millions of laptops.
The Solution
Dell has announced to keep your windows and software up to date, as the latest batch of Dell update has fixed this issue, but if you haven’t updated your computer or laptop for a while, then your PC will get hacked soon, so put your Dell PC software as well as Windows 10 on update to fix this security issue.